SUSE 5180 Published by

The following security updates are available for openSUSE and SUSE Linux Enterprise:

SUSE-SU-2022:2111-1: important: Security update for the Linux Kernel
SUSE-SU-2024:1320-1: important: Security update for the Linux Kernel
SUSE-SU-2024:1321-1: important: Security update for the Linux Kernel
SUSE-SU-2024:1322-1: important: Security update for the Linux Kernel
openSUSE-SU-2022:0150-1: important: Security update for seamonkey
openSUSE-SU-2022:10002-1: important: Security update for librecad
openSUSE-SU-2022:0148-1: important: Security update for varnish
openSUSE-SU-2022:0149-1: moderate: Security update for libredwg




SUSE-SU-2022:2111-1: important: Security update for the Linux Kernel


SUSE Security Update: Security update for the Linux Kernel
_______________________________

Announcement ID: SUSE-SU-2022:2111-1
Rating: important
References: #1028340 #1055710 #1065729 #1071995 #1084513
#1087082 #1114648 #1158266 #1172456 #1177282
#1182171 #1183723 #1187055 #1191647 #1191958
#1195065 #1195651 #1196018 #1196367 #1196426
#1196999 #1197219 #1197343 #1197663 #1198400
#1198516 #1198577 #1198660 #1198687 #1198742
#1198777 #1198825 #1199012 #1199063 #1199314
#1199399 #1199426 #1199505 #1199507 #1199605
#1199650 #1200143 #1200144 #1200249
Cross-References: CVE-2017-13695 CVE-2018-7755 CVE-2019-19377
CVE-2019-20811 CVE-2020-26541 CVE-2021-20292
CVE-2021-20321 CVE-2021-33061 CVE-2021-38208
CVE-2021-39711 CVE-2021-43389 CVE-2022-1011
CVE-2022-1184 CVE-2022-1353 CVE-2022-1419
CVE-2022-1516 CVE-2022-1652 CVE-2022-1729
CVE-2022-1734 CVE-2022-1974 CVE-2022-1975
CVE-2022-21123 CVE-2022-21125 CVE-2022-21127
CVE-2022-21166 CVE-2022-21180 CVE-2022-21499
CVE-2022-22942 CVE-2022-28748 CVE-2022-30594

CVSS scores:
CVE-2017-13695 (NVD) : 5.5 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CVE-2017-13695 (SUSE): 4 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
CVE-2018-7755 (NVD) : 5.5 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CVE-2018-7755 (SUSE): 4 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
CVE-2019-19377 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2019-19377 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2019-20811 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
CVE-2019-20811 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
CVE-2020-26541 (SUSE): 6 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
CVE-2021-20292 (NVD) : 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CVE-2021-20292 (SUSE): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CVE-2021-20321 (NVD) : 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2021-20321 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2021-33061 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2021-33061 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2021-38208 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2021-38208 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2021-39711 (NVD) : 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
CVE-2021-39711 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CVE-2021-43389 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2021-43389 (SUSE): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-1011 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-1011 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-1184 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-1353 (NVD) : 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
CVE-2022-1353 (SUSE): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
CVE-2022-1419 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-1419 (SUSE): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CVE-2022-1516 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-1516 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-1652 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-1652 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-1729 (SUSE): 8.2 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H
CVE-2022-1734 (NVD) : 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-1734 (SUSE): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-1974 (SUSE): 6.8 CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CVE-2022-1975 (SUSE): 4.5 CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
CVE-2022-21123 (SUSE): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N
CVE-2022-21125 (SUSE): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
CVE-2022-21127 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CVE-2022-21166 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CVE-2022-21180 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CVE-2022-21499 (NVD) : 6.5 CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H
CVE-2022-21499 (SUSE): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-22942 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-28748 (SUSE): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
CVE-2022-30594 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-30594 (SUSE): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products:
SUSE CaaS Platform 4.0
SUSE Enterprise Storage 6
SUSE Linux Enterprise High Availability 15-SP1
SUSE Linux Enterprise High Performance Computing 15-SP1
SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS
SUSE Linux Enterprise Module for Live Patching 15-SP1
SUSE Linux Enterprise Server 15-SP1
SUSE Linux Enterprise Server 15-SP1-BCL
SUSE Linux Enterprise Server 15-SP1-LTSS
SUSE Linux Enterprise Server for SAP 15-SP1
SUSE Linux Enterprise Server for SAP Applications 15-SP1
SUSE Manager Proxy 4.0
SUSE Manager Retail Branch Server 4.0
SUSE Manager Server 4.0
openSUSE Leap 15.3
openSUSE Leap 15.4
_______________________________

An update that solves 30 vulnerabilities and has 14 fixes
is now available.

Description:

The SUSE Linux Enterprise 15 SP1 kernel was updated.

The following security bugs were fixed:

- CVE-2022-21127: Fixed a stale MMIO data transient which can be exploited
to speculatively/transiently disclose information via spectre like
attacks. (bsc#1199650)
- CVE-2022-21123: Fixed a stale MMIO data transient which can be exploited
to speculatively/transiently disclose information via spectre like
attacks. (bsc#1199650)
- CVE-2022-21125: Fixed a stale MMIO data transient which can be exploited
to speculatively/transiently disclose information via spectre like
attacks. (bsc#1199650)
- CVE-2022-21180: Fixed a stale MMIO data transient which can be exploited
to speculatively/transiently disclose information via spectre like
attacks. (bsc#1199650)
- CVE-2022-21166: Fixed a stale MMIO data transient which can be exploited
to speculatively/transiently disclose information via spectre like
attacks. (bsc#1199650)
- CVE-2019-19377: Fixed an user-after-free that could be triggered when an
attacker mounts a crafted btrfs filesystem image. (bnc#1158266)
- CVE-2022-1184: Fixed an use-after-free and memory errors in ext4 when
mounting and operating on a corrupted image. (bsc#1198577)
- CVE-2017-13695: Fixed a bug that caused a stack dump allowing local
users to obtain sensitive information from kernel memory and bypass the
KASLR protection mechanism via a crafted ACPI table. (bnc#1055710)
- CVE-2022-1729: Fixed a sys_perf_event_open() race condition against self
(bsc#1199507).
- CVE-2022-1652: Fixed a statically allocated error counter inside the
floppy kernel module (bsc#1199063).
- CVE-2021-39711: In bpf_prog_test_run_skb of test_run.c, there is a
possible out of bounds read due to Incorrect Size Value. This could lead
to local information disclosure with System execution privileges needed.
User interaction is not needed for exploitation (bnc#1197219).
- CVE-2022-30594: Fixed restriction bypass on setting the
PT_SUSPEND_SECCOMP flag (bnc#1199505).
- CVE-2021-33061: Fixed insufficient control flow management for the
Intel(R) 82599 Ethernet Controllers and Adapters that may have allowed
an authenticated user to potentially enable denial of service via local
access (bnc#1196426).
- CVE-2022-1516: Fixed null-ptr-deref caused by x25_disconnect
(bsc#1199012).
- CVE-2021-20321: Fixed a race condition accessing file object in the
OverlayFS subsystem in the way users do rename in specific way with
OverlayFS. A local user could have used this flaw to crash the system
(bnc#1191647).
- CVE-2019-20811: Fixed issue in rx_queue_add_kobject() and
netdev_queue_add_kobject() in net/core/net-sysfs.c, where a reference
count is mishandled (bnc#1172456).
- CVE-2022-28748: Fixed memory lead over the network by ax88179_178a
devices (bsc#1196018).
- CVE-2018-7755: Fixed an issue in the fd_locked_ioctl function in
drivers/block/floppy.c. The floppy driver will copy a kernel pointer to
user memory in response to the FDGETPRM ioctl. An attacker can send the
FDGETPRM ioctl and use the obtained kernel pointer to discover the
location of kernel code and data and bypass kernel security protections
such as KASLR (bnc#1084513).
- CVE-2022-22942: Fixed stale file descriptors on failed usercopy
(bsc#1195065).
- CVE-2022-1419: Fixed a concurrency use-after-free in
vgem_gem_dumb_create (bsc#1198742).
- CVE-2021-43389: Fixed an array-index-out-of-bounds flaw in the
detach_capi_ctr function in drivers/isdn/capi/kcapi.c (bnc#1191958).
- CVE-2021-38208: Fixed a denial of service (NULL pointer dereference and
BUG) by making a getsockname call after a certain type of failure of a
bind call (bnc#1187055).
- CVE-2022-1353: Fixed access controll to kernel memory in the
pfkey_register function in net/key/af_key.c (bnc#1198516).
- CVE-2021-20292: Fixed object validation prior to performing operations
on the object in nouveau_sgdma_create_ttm in Nouveau DRM subsystem
(bnc#1183723).
- CVE-2022-1011: Fixed an use-after-free vulnerability which could allow a
local attacker to retireve (partial) /etc/shadow hashes or any other
data from filesystem when he can mount a FUSE filesystems. (bnc#1197343)
- CVE-2022-1974: Fixed an use-after-free that could causes kernel crash by
simulating an nfc device from user-space. (bsc#1200144).
- CVE-2020-26541: Enforce the secure boot forbidden signature database
(aka dbx) protection mechanism. (bnc#1177282)
- CVE-2022-1975: Fixed a bug that allows an attacker to crash the linux
kernel by simulating nfc device from user-space. (bsc#1200143)
- CVE-2022-21499: Reinforce the kernel lockdown feature, until now it's
been trivial to break out of it with kgdb or kdb. (bsc#1199426)
- CVE-2022-1734: Fixed a r/w use-after-free when non synchronized between
cleanup routine and firmware download routine. (bnc#1199605).

The following non-security bugs were fixed:

- btrfs: relocation: Only remove reloc rb_trees if reloc control has been
initialized (bsc#1199399).
- btrfs: tree-checker: fix incorrect printk format (bsc#1200249).
- net: ena: A typo fix in the file ena_com.h (bsc#1198777).
- net: ena: Add capabilities field with support for ENI stats capability
(bsc#1198777).
- net: ena: Add debug prints for invalid req_id resets (bsc#1198777).
- net: ena: add device distinct log prefix to files (bsc#1198777).
- net: ena: add jiffies of last napi call to stats (bsc#1198777).
- net: ena: aggregate doorbell common operations into a function
(bsc#1198777).
- net: ena: aggregate stats increase into a function (bsc#1198777).
- net: ena: Change ENI stats support check to use capabilities field
(bsc#1198777).
- net: ena: Change return value of ena_calc_io_queue_size() to void
(bsc#1198777).
- net: ena: Change the name of bad_csum variable (bsc#1198777).
- net: ena: Extract recurring driver reset code into a function
(bsc#1198777).
- net: ena: fix coding style nits (bsc#1198777).
- net: ena: fix DMA mapping function issues in XDP (bsc#1198777).
- net: ena: Fix error handling when calculating max IO queues number
(bsc#1198777).
- net: ena: fix inaccurate print type (bsc#1198777).
- net: ena: Fix undefined state when tx request id is out of bounds
(bsc#1198777).
- net: ena: Fix wrong rx request id by resetting device (bsc#1198777).
- net: ena: Improve error logging in driver (bsc#1198777).
- net: ena: introduce ndo_xdp_xmit() function for XDP_REDIRECT
(bsc#1198777).
- net: ena: introduce XDP redirect implementation (bsc#1198777).
- net: ena: make symbol 'ena_alloc_map_page' static (bsc#1198777).
- net: ena: Move reset completion print to the reset function
(bsc#1198777).
- net: ena: optimize data access in fast-path code (bsc#1198777).
- net: ena: re-organize code to improve readability (bsc#1198777).
- net: ena: Remove ena_calc_queue_size_ctx struct (bsc#1198777).
- net: ena: remove extra words from comments (bsc#1198777).
- net: ena: Remove module param and change message severity (bsc#1198777).
- net: ena: Remove rcu_read_lock() around XDP program invocation
(bsc#1198777).
- net: ena: Remove redundant return code check (bsc#1198777).
- net: ena: Remove unused code (bsc#1198777).
- net: ena: store values in their appropriate variables types
(bsc#1198777).
- net: ena: Update XDP verdict upon failure (bsc#1198777).
- net: ena: use build_skb() in RX path (bsc#1198777).
- net: ena: use constant value for net_device allocation (bsc#1198777).
- net: ena: Use dev_alloc() in RX buffer allocation (bsc#1198777).
- net: ena: Use pci_sriov_configure_simple() to enable VFs (bsc#1198777).
- net: ena: use xdp_frame in XDP TX flow (bsc#1198777).
- net: ena: use xdp_return_frame() to free xdp frames (bsc#1198777).
- net: mana: Add counter for packet dropped by XDP (bsc#1195651).
- net: mana: Add counter for XDP_TX (bsc#1195651).
- net: mana: Add handling of CQE_RX_TRUNCATED (bsc#1195651).
- net: mana: Remove unnecessary check of cqe_type in mana_process_rx_cqe()
(bsc#1195651).
- net: mana: Reuse XDP dropped page (bsc#1195651).
- net: mana: Use struct_size() helper in mana_gd_create_dma_region()
(bsc#1195651).
- PCI: hv: Do not set PCI_COMMAND_MEMORY to reduce VM boot time
(bsc#1199314).
- powerpc/64: Fix kernel stack 16-byte alignment (bsc#1196999 ltc#196609S
git-fixes).
- powerpc/64: Interrupts save PPR on stack rather than thread_struct
(bsc#1196999 ltc#196609).
- powerpc/pseries: extract host bridge from pci_bus prior to bus removal
(bsc#1182171 ltc#190900 bsc#1198660 ltc#197803).
- powerpc/pseries: Fix use after free in remove_phb_dynamic() (bsc#1065729
bsc#1198660 ltc#197803).
- scsi: scsi_dh_alua: Avoid crash during alua_bus_detach() (bsc#1028340
bsc#1198825).
- SUNRPC: change locking for xs_swap_enable/disable (bsc#1196367).
- x86/pm: Save the MSR validity status at context setup (bsc#1114648).
- x86/speculation: Restore speculation related MSRs during S3 resume
(bsc#1114648).

Special Instructions and Notes:

Please reboot the system after installing this update.

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 15.4:

zypper in -t patch openSUSE-SLE-15.4-2022-2111=1

- openSUSE Leap 15.3:

zypper in -t patch openSUSE-SLE-15.3-2022-2111=1

- SUSE Linux Enterprise Server for SAP 15-SP1:

zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP1-2022-2111=1

- SUSE Linux Enterprise Server 15-SP1-LTSS:

zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-LTSS-2022-2111=1

- SUSE Linux Enterprise Server 15-SP1-BCL:

zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-BCL-2022-2111=1

- SUSE Linux Enterprise Module for Live Patching 15-SP1:

zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP1-2022-2111=1

- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS:

zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-LTSS-2022-2111=1

- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS:

zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-ESPOS-2022-2111=1

- SUSE Linux Enterprise High Availability 15-SP1:

zypper in -t patch SUSE-SLE-Product-HA-15-SP1-2022-2111=1

- SUSE Enterprise Storage 6:

zypper in -t patch SUSE-Storage-6-2022-2111=1

- SUSE CaaS Platform 4.0:

To install this update, use the SUSE CaaS Platform 'skuba' tool. It
will inform you if it detects new updates and let you then trigger
updating of the complete cluster in a controlled way.

Package List:

- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):

kernel-default-base-debuginfo-4.12.14-150100.197.114.2
kernel-vanilla-4.12.14-150100.197.114.2
kernel-vanilla-base-4.12.14-150100.197.114.2
kernel-vanilla-base-debuginfo-4.12.14-150100.197.114.2
kernel-vanilla-debuginfo-4.12.14-150100.197.114.2
kernel-vanilla-debugsource-4.12.14-150100.197.114.2
kernel-vanilla-devel-4.12.14-150100.197.114.2
kernel-vanilla-devel-debuginfo-4.12.14-150100.197.114.2
kernel-vanilla-livepatch-devel-4.12.14-150100.197.114.2

- openSUSE Leap 15.4 (ppc64le x86_64):

kernel-debug-base-4.12.14-150100.197.114.2
kernel-debug-base-debuginfo-4.12.14-150100.197.114.2

- openSUSE Leap 15.4 (x86_64):

kernel-kvmsmall-base-4.12.14-150100.197.114.2
kernel-kvmsmall-base-debuginfo-4.12.14-150100.197.114.2

- openSUSE Leap 15.4 (s390x):

kernel-default-man-4.12.14-150100.197.114.2
kernel-zfcpdump-man-4.12.14-150100.197.114.2

- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):

kernel-default-base-debuginfo-4.12.14-150100.197.114.2
kernel-vanilla-4.12.14-150100.197.114.2
kernel-vanilla-base-4.12.14-150100.197.114.2
kernel-vanilla-base-debuginfo-4.12.14-150100.197.114.2
kernel-vanilla-debuginfo-4.12.14-150100.197.114.2
kernel-vanilla-debugsource-4.12.14-150100.197.114.2
kernel-vanilla-devel-4.12.14-150100.197.114.2
kernel-vanilla-devel-debuginfo-4.12.14-150100.197.114.2
kernel-vanilla-livepatch-devel-4.12.14-150100.197.114.2

- openSUSE Leap 15.3 (ppc64le x86_64):

kernel-debug-base-4.12.14-150100.197.114.2
kernel-debug-base-debuginfo-4.12.14-150100.197.114.2

- openSUSE Leap 15.3 (x86_64):

kernel-kvmsmall-base-4.12.14-150100.197.114.2
kernel-kvmsmall-base-debuginfo-4.12.14-150100.197.114.2

- openSUSE Leap 15.3 (s390x):

kernel-default-man-4.12.14-150100.197.114.2
kernel-zfcpdump-man-4.12.14-150100.197.114.2

- SUSE Linux Enterprise Server for SAP 15-SP1 (ppc64le x86_64):

kernel-default-4.12.14-150100.197.114.2
kernel-default-base-4.12.14-150100.197.114.2
kernel-default-base-debuginfo-4.12.14-150100.197.114.2
kernel-default-debuginfo-4.12.14-150100.197.114.2
kernel-default-debugsource-4.12.14-150100.197.114.2
kernel-default-devel-4.12.14-150100.197.114.2
kernel-default-devel-debuginfo-4.12.14-150100.197.114.2
kernel-obs-build-4.12.14-150100.197.114.2
kernel-obs-build-debugsource-4.12.14-150100.197.114.2
kernel-syms-4.12.14-150100.197.114.2
reiserfs-kmp-default-4.12.14-150100.197.114.2
reiserfs-kmp-default-debuginfo-4.12.14-150100.197.114.2

- SUSE Linux Enterprise Server for SAP 15-SP1 (noarch):

kernel-devel-4.12.14-150100.197.114.2
kernel-docs-4.12.14-150100.197.114.2
kernel-macros-4.12.14-150100.197.114.2
kernel-source-4.12.14-150100.197.114.2

- SUSE Linux Enterprise Server 15-SP1-LTSS (aarch64 ppc64le s390x x86_64):

kernel-default-4.12.14-150100.197.114.2
kernel-default-base-4.12.14-150100.197.114.2
kernel-default-base-debuginfo-4.12.14-150100.197.114.2
kernel-default-debuginfo-4.12.14-150100.197.114.2
kernel-default-debugsource-4.12.14-150100.197.114.2
kernel-default-devel-4.12.14-150100.197.114.2
kernel-default-devel-debuginfo-4.12.14-150100.197.114.2
kernel-obs-build-4.12.14-150100.197.114.2
kernel-obs-build-debugsource-4.12.14-150100.197.114.2
kernel-syms-4.12.14-150100.197.114.2
reiserfs-kmp-default-4.12.14-150100.197.114.2
reiserfs-kmp-default-debuginfo-4.12.14-150100.197.114.2

- SUSE Linux Enterprise Server 15-SP1-LTSS (noarch):

kernel-devel-4.12.14-150100.197.114.2
kernel-docs-4.12.14-150100.197.114.2
kernel-macros-4.12.14-150100.197.114.2
kernel-source-4.12.14-150100.197.114.2

- SUSE Linux Enterprise Server 15-SP1-LTSS (s390x):

kernel-default-man-4.12.14-150100.197.114.2
kernel-zfcpdump-debuginfo-4.12.14-150100.197.114.2
kernel-zfcpdump-debugsource-4.12.14-150100.197.114.2

- SUSE Linux Enterprise Server 15-SP1-BCL (x86_64):

kernel-default-4.12.14-150100.197.114.2
kernel-default-base-4.12.14-150100.197.114.2
kernel-default-base-debuginfo-4.12.14-150100.197.114.2
kernel-default-debuginfo-4.12.14-150100.197.114.2
kernel-default-debugsource-4.12.14-150100.197.114.2
kernel-default-devel-4.12.14-150100.197.114.2
kernel-default-devel-debuginfo-4.12.14-150100.197.114.2
kernel-obs-build-4.12.14-150100.197.114.2
kernel-obs-build-debugsource-4.12.14-150100.197.114.2
kernel-syms-4.12.14-150100.197.114.2
reiserfs-kmp-default-4.12.14-150100.197.114.2
reiserfs-kmp-default-debuginfo-4.12.14-150100.197.114.2

- SUSE Linux Enterprise Server 15-SP1-BCL (noarch):

kernel-devel-4.12.14-150100.197.114.2
kernel-docs-4.12.14-150100.197.114.2
kernel-macros-4.12.14-150100.197.114.2
kernel-source-4.12.14-150100.197.114.2

- SUSE Linux Enterprise Module for Live Patching 15-SP1 (ppc64le x86_64):

kernel-default-debuginfo-4.12.14-150100.197.114.2
kernel-default-debugsource-4.12.14-150100.197.114.2
kernel-default-livepatch-4.12.14-150100.197.114.2
kernel-default-livepatch-devel-4.12.14-150100.197.114.2
kernel-livepatch-4_12_14-150100_197_114-default-1-150100.3.3.2

- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (aarch64 x86_64):

kernel-default-4.12.14-150100.197.114.2
kernel-default-base-4.12.14-150100.197.114.2
kernel-default-base-debuginfo-4.12.14-150100.197.114.2
kernel-default-debuginfo-4.12.14-150100.197.114.2
kernel-default-debugsource-4.12.14-150100.197.114.2
kernel-default-devel-4.12.14-150100.197.114.2
kernel-default-devel-debuginfo-4.12.14-150100.197.114.2
kernel-obs-build-4.12.14-150100.197.114.2
kernel-obs-build-debugsource-4.12.14-150100.197.114.2
kernel-syms-4.12.14-150100.197.114.2

- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (noarch):

kernel-devel-4.12.14-150100.197.114.2
kernel-docs-4.12.14-150100.197.114.2
kernel-macros-4.12.14-150100.197.114.2
kernel-source-4.12.14-150100.197.114.2

- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (aarch64 x86_64):

kernel-default-4.12.14-150100.197.114.2
kernel-default-base-4.12.14-150100.197.114.2
kernel-default-base-debuginfo-4.12.14-150100.197.114.2
kernel-default-debuginfo-4.12.14-150100.197.114.2
kernel-default-debugsource-4.12.14-150100.197.114.2
kernel-default-devel-4.12.14-150100.197.114.2
kernel-default-devel-debuginfo-4.12.14-150100.197.114.2
kernel-obs-build-4.12.14-150100.197.114.2
kernel-obs-build-debugsource-4.12.14-150100.197.114.2
kernel-syms-4.12.14-150100.197.114.2

- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (noarch):

kernel-devel-4.12.14-150100.197.114.2
kernel-docs-4.12.14-150100.197.114.2
kernel-macros-4.12.14-150100.197.114.2
kernel-source-4.12.14-150100.197.114.2

- SUSE Linux Enterprise High Availability 15-SP1 (aarch64 ppc64le s390x x86_64):

cluster-md-kmp-default-4.12.14-150100.197.114.2
cluster-md-kmp-default-debuginfo-4.12.14-150100.197.114.2
dlm-kmp-default-4.12.14-150100.197.114.2
dlm-kmp-default-debuginfo-4.12.14-150100.197.114.2
gfs2-kmp-default-4.12.14-150100.197.114.2
gfs2-kmp-default-debuginfo-4.12.14-150100.197.114.2
kernel-default-debuginfo-4.12.14-150100.197.114.2
kernel-default-debugsource-4.12.14-150100.197.114.2
ocfs2-kmp-default-4.12.14-150100.197.114.2
ocfs2-kmp-default-debuginfo-4.12.14-150100.197.114.2

- SUSE Enterprise Storage 6 (aarch64 x86_64):

kernel-default-4.12.14-150100.197.114.2
kernel-default-base-4.12.14-150100.197.114.2
kernel-default-base-debuginfo-4.12.14-150100.197.114.2
kernel-default-debuginfo-4.12.14-150100.197.114.2
kernel-default-debugsource-4.12.14-150100.197.114.2
kernel-default-devel-4.12.14-150100.197.114.2
kernel-default-devel-debuginfo-4.12.14-150100.197.114.2
kernel-obs-build-4.12.14-150100.197.114.2
kernel-obs-build-debugsource-4.12.14-150100.197.114.2
kernel-syms-4.12.14-150100.197.114.2
reiserfs-kmp-default-4.12.14-150100.197.114.2
reiserfs-kmp-default-debuginfo-4.12.14-150100.197.114.2

- SUSE Enterprise Storage 6 (noarch):

kernel-devel-4.12.14-150100.197.114.2
kernel-docs-4.12.14-150100.197.114.2
kernel-macros-4.12.14-150100.197.114.2
kernel-source-4.12.14-150100.197.114.2

- SUSE CaaS Platform 4.0 (x86_64):

kernel-default-4.12.14-150100.197.114.2
kernel-default-base-4.12.14-150100.197.114.2
kernel-default-base-debuginfo-4.12.14-150100.197.114.2
kernel-default-debuginfo-4.12.14-150100.197.114.2
kernel-default-debugsource-4.12.14-150100.197.114.2
kernel-default-devel-4.12.14-150100.197.114.2
kernel-default-devel-debuginfo-4.12.14-150100.197.114.2
kernel-obs-build-4.12.14-150100.197.114.2
kernel-obs-build-debugsource-4.12.14-150100.197.114.2
kernel-syms-4.12.14-150100.197.114.2
reiserfs-kmp-default-4.12.14-150100.197.114.2
reiserfs-kmp-default-debuginfo-4.12.14-150100.197.114.2

- SUSE CaaS Platform 4.0 (noarch):

kernel-devel-4.12.14-150100.197.114.2
kernel-docs-4.12.14-150100.197.114.2
kernel-macros-4.12.14-150100.197.114.2
kernel-source-4.12.14-150100.197.114.2

References:

https://www.suse.com/security/cve/CVE-2017-13695.html
https://www.suse.com/security/cve/CVE-2018-7755.html
https://www.suse.com/security/cve/CVE-2019-19377.html
https://www.suse.com/security/cve/CVE-2019-20811.html
https://www.suse.com/security/cve/CVE-2020-26541.html
https://www.suse.com/security/cve/CVE-2021-20292.html
https://www.suse.com/security/cve/CVE-2021-20321.html
https://www.suse.com/security/cve/CVE-2021-33061.html
https://www.suse.com/security/cve/CVE-2021-38208.html
https://www.suse.com/security/cve/CVE-2021-39711.html
https://www.suse.com/security/cve/CVE-2021-43389.html
https://www.suse.com/security/cve/CVE-2022-1011.html
https://www.suse.com/security/cve/CVE-2022-1184.html
https://www.suse.com/security/cve/CVE-2022-1353.html
https://www.suse.com/security/cve/CVE-2022-1419.html
https://www.suse.com/security/cve/CVE-2022-1516.html
https://www.suse.com/security/cve/CVE-2022-1652.html
https://www.suse.com/security/cve/CVE-2022-1729.html
https://www.suse.com/security/cve/CVE-2022-1734.html
https://www.suse.com/security/cve/CVE-2022-1974.html
https://www.suse.com/security/cve/CVE-2022-1975.html
https://www.suse.com/security/cve/CVE-2022-21123.html
https://www.suse.com/security/cve/CVE-2022-21125.html
https://www.suse.com/security/cve/CVE-2022-21127.html
https://www.suse.com/security/cve/CVE-2022-21166.html
https://www.suse.com/security/cve/CVE-2022-21180.html
https://www.suse.com/security/cve/CVE-2022-21499.html
https://www.suse.com/security/cve/CVE-2022-22942.html
https://www.suse.com/security/cve/CVE-2022-28748.html
https://www.suse.com/security/cve/CVE-2022-30594.html
https://bugzilla.suse.com/1028340
https://bugzilla.suse.com/1055710
https://bugzilla.suse.com/1065729
https://bugzilla.suse.com/1071995
https://bugzilla.suse.com/1084513
https://bugzilla.suse.com/1087082
https://bugzilla.suse.com/1114648
https://bugzilla.suse.com/1158266
https://bugzilla.suse.com/1172456
https://bugzilla.suse.com/1177282
https://bugzilla.suse.com/1182171
https://bugzilla.suse.com/1183723
https://bugzilla.suse.com/1187055
https://bugzilla.suse.com/1191647
https://bugzilla.suse.com/1191958
https://bugzilla.suse.com/1195065
https://bugzilla.suse.com/1195651
https://bugzilla.suse.com/1196018
https://bugzilla.suse.com/1196367
https://bugzilla.suse.com/1196426
https://bugzilla.suse.com/1196999
https://bugzilla.suse.com/1197219
https://bugzilla.suse.com/1197343
https://bugzilla.suse.com/1197663
https://bugzilla.suse.com/1198400
https://bugzilla.suse.com/1198516
https://bugzilla.suse.com/1198577
https://bugzilla.suse.com/1198660
https://bugzilla.suse.com/1198687
https://bugzilla.suse.com/1198742
https://bugzilla.suse.com/1198777
https://bugzilla.suse.com/1198825
https://bugzilla.suse.com/1199012
https://bugzilla.suse.com/1199063
https://bugzilla.suse.com/1199314
https://bugzilla.suse.com/1199399
https://bugzilla.suse.com/1199426
https://bugzilla.suse.com/1199505
https://bugzilla.suse.com/1199507
https://bugzilla.suse.com/1199605
https://bugzilla.suse.com/1199650
https://bugzilla.suse.com/1200143
https://bugzilla.suse.com/1200144
https://bugzilla.suse.com/1200249



SUSE-SU-2024:1320-1: important: Security update for the Linux Kernel


# Security update for the Linux Kernel

Announcement ID: SUSE-SU-2024:1320-1
Rating: important
References:

* bsc#1212514
* bsc#1220237
* bsc#1220320
* bsc#1220340
* bsc#1220366
* bsc#1220411
* bsc#1220413
* bsc#1220439
* bsc#1220443
* bsc#1220445
* bsc#1220466
* bsc#1220478
* bsc#1220482
* bsc#1220484
* bsc#1220486
* bsc#1220487
* bsc#1220790
* bsc#1220831
* bsc#1220833
* bsc#1220836
* bsc#1220839
* bsc#1220840
* bsc#1220843
* bsc#1220870
* bsc#1220871
* bsc#1220872
* bsc#1220878
* bsc#1220879
* bsc#1220885
* bsc#1220898
* bsc#1220918
* bsc#1220920
* bsc#1220921
* bsc#1220926
* bsc#1220927
* bsc#1220929
* bsc#1220932
* bsc#1220938
* bsc#1220940
* bsc#1220954
* bsc#1220955
* bsc#1220959
* bsc#1220960
* bsc#1220961
* bsc#1220965
* bsc#1220969
* bsc#1220978
* bsc#1220979
* bsc#1220981
* bsc#1220982
* bsc#1220983
* bsc#1220985
* bsc#1220986
* bsc#1220987
* bsc#1220989
* bsc#1220990
* bsc#1221009
* bsc#1221012
* bsc#1221015
* bsc#1221022
* bsc#1221039
* bsc#1221040
* bsc#1221048
* bsc#1221055
* bsc#1221058
* bsc#1221077
* bsc#1221276
* bsc#1221551
* bsc#1221553
* bsc#1221725
* bsc#1222073
* bsc#1222619
* jsc#PED-5759

Cross-References:

* CVE-2021-46925
* CVE-2021-46926
* CVE-2021-46927
* CVE-2021-46929
* CVE-2021-46930
* CVE-2021-46931
* CVE-2021-46933
* CVE-2021-46936
* CVE-2021-47082
* CVE-2021-47087
* CVE-2021-47091
* CVE-2021-47093
* CVE-2021-47094
* CVE-2021-47095
* CVE-2021-47096
* CVE-2021-47097
* CVE-2021-47098
* CVE-2021-47099
* CVE-2021-47100
* CVE-2021-47101
* CVE-2021-47102
* CVE-2021-47104
* CVE-2021-47105
* CVE-2021-47107
* CVE-2021-47108
* CVE-2022-48626
* CVE-2022-48629
* CVE-2022-48630
* CVE-2023-35827
* CVE-2023-52450
* CVE-2023-52454
* CVE-2023-52469
* CVE-2023-52470
* CVE-2023-52474
* CVE-2023-52477
* CVE-2023-52492
* CVE-2023-52497
* CVE-2023-52501
* CVE-2023-52502
* CVE-2023-52504
* CVE-2023-52507
* CVE-2023-52508
* CVE-2023-52509
* CVE-2023-52510
* CVE-2023-52511
* CVE-2023-52513
* CVE-2023-52515
* CVE-2023-52517
* CVE-2023-52519
* CVE-2023-52520
* CVE-2023-52523
* CVE-2023-52524
* CVE-2023-52525
* CVE-2023-52528
* CVE-2023-52529
* CVE-2023-52532
* CVE-2023-52564
* CVE-2023-52566
* CVE-2023-52567
* CVE-2023-52569
* CVE-2023-52574
* CVE-2023-52575
* CVE-2023-52576
* CVE-2023-52582
* CVE-2023-52583
* CVE-2023-52597
* CVE-2023-52605
* CVE-2023-52621
* CVE-2024-25742
* CVE-2024-26600

CVSS scores:

* CVE-2021-46925 ( SUSE ): 5.3 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-46925 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-46926 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-46927 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-46927 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-46929 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
* CVE-2021-46929 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-46930 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
* CVE-2021-46930 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-46931 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-46931 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-46933 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
* CVE-2021-46933 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-46936 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-46936 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2021-47082 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47087 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
* CVE-2021-47093 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H
* CVE-2021-47094 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2021-47095 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47096 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
* CVE-2021-47097 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2021-47099 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47100 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47101 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
* CVE-2021-47102 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47104 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2021-47105 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2021-47107 ( SUSE ): 6.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
* CVE-2021-47108 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48626 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
* CVE-2022-48629 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2022-48630 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-35827 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-52450 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52450 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52454 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52469 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
* CVE-2023-52470 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52474 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
* CVE-2023-52477 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52492 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52497 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
* CVE-2023-52501 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2023-52502 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-52504 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52507 ( SUSE ): 5.7 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2023-52508 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52509 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-52510 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-52511 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52513 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52515 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52517 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52519 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52520 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52523 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52524 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52525 ( SUSE ): 3.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
* CVE-2023-52528 ( SUSE ): 3.5 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
* CVE-2023-52529 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52532 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52564 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52566 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52567 ( SUSE ): 2.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L
* CVE-2023-52569 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52574 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52575 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52576 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52582 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52583 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52597 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:H
* CVE-2023-52605 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52621 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-25742 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26600 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* openSUSE Leap Micro 5.3
* openSUSE Leap Micro 5.4
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro for Rancher 5.3
* SUSE Linux Enterprise Micro for Rancher 5.4

An update that solves 70 vulnerabilities, contains one feature and has two
security fixes can now be installed.

## Description:

The SUSE Linux Enterprise 15 SP4 RT kernel was updated to receive various
security bugfixes.

The following security bugs were fixed:

* CVE-2021-46925: Fixed kernel panic caused by race of smc_sock (bsc#1220466).
* CVE-2021-46926: Fixed bug when detecting controllers in ALSA/hda/intel-sdw-
acpi (bsc#1220478).
* CVE-2021-46927: Fixed assertion bug in nitro_enclaves: Use
get_user_pages_unlocked() (bsc#1220443).
* CVE-2021-46929: Fixed use-after-free issue in sctp_sock_dump()
(bsc#1220482).
* CVE-2021-46930: Fixed usb/mtu3 list_head check warning (bsc#1220484).
* CVE-2021-46931: Fixed wrong type casting in mlx5e_tx_reporter_dump_sq()
(bsc#1220486).
* CVE-2021-46933: Fixed possible underflow in ffs_data_clear() (bsc#1220487).
* CVE-2021-46936: Fixed use-after-free in tw_timer_handler() (bsc#1220439).
* CVE-2021-47082: Fixed ouble free in tun_free_netdev() (bsc#1220969).
* CVE-2021-47087: Fixed incorrect page free bug in tee/optee (bsc#1220954).
* CVE-2021-47091: Fixed locking in ieee80211_start_ap()) error path
(bsc#1220959).
* CVE-2021-47093: Fixed memleak on registration failure in intel_pmc_core
(bsc#1220978).
* CVE-2021-47094: Fixed possible memory leak in KVM x86/mmu (bsc#1221551).
* CVE-2021-47095: Fixed missing initialization in ipmi/ssif (bsc#1220979).
* CVE-2021-47096: Fixed uninitalized user_pversion in ALSA rawmidi
(bsc#1220981).
* CVE-2021-47097: Fixed stack out of bound access in
elantech_change_report_id() (bsc#1220982).
* CVE-2021-47098: Fixed integer overflow/underflow in hysteresis calculations
hwmon: (lm90) (bsc#1220983).
* CVE-2021-47099: Fixed BUG_ON assertion in veth when skb entering GRO are
cloned (bsc#1220955).
* CVE-2021-47100: Fixed UAF when uninstall in ipmi (bsc#1220985).
* CVE-2021-47101: Fixed uninit-value in asix_mdio_read() (bsc#1220987).
* CVE-2021-47102: Fixed incorrect structure access In line: upper =
info->upper_dev in net/marvell/prestera (bsc#1221009).
* CVE-2021-47104: Fixed memory leak in qib_user_sdma_queue_pkts()
(bsc#1220960).
* CVE-2021-47105: Fixed potential memory leak in ice/xsk (bsc#1220961).
* CVE-2021-47107: Fixed READDIR buffer overflow in NFSD (bsc#1220965).
* CVE-2021-47108: Fixed possible NULL pointer dereference for mtk_hdmi_conf in
drm/mediatek (bsc#1220986).
* CVE-2022-48626: Fixed a potential use-after-free on remove path moxart
(bsc#1220366).
* CVE-2022-48629: Fixed possible memory leak in qcom-rng (bsc#1220989).
* CVE-2022-48630: Fixed infinite loop on requests not multiple of WORD_SZ in
crypto: qcom-rng (bsc#1220990).
* CVE-2023-35827: Fixed a use-after-free issue in ravb_tx_timeout_work()
(bsc#1212514).
* CVE-2023-52450: Fixed NULL pointer dereference issue in upi_fill_topology()
(bsc#1220237).
* CVE-2023-52454: Fixed a kernel panic when host sends an invalid H2C PDU
length (bsc#1220320).
* CVE-2023-52469: Fixed a use-after-free in kv_parse_power_table
(bsc#1220411).
* CVE-2023-52470: Fixed null-ptr-deref in radeon_crtc_init() (bsc#1220413).
* CVE-2023-52474: Fixed a vulnerability with non-PAGE_SIZE-end multi-iovec
user SDMA requests (bsc#1220445).
* CVE-2023-52477: Fixed USB Hub accesses to uninitialized BOS descriptors
(bsc#1220790).
* CVE-2023-52492: Fixed a null-pointer-dereference in channel unregistration
function __dma_async_device_channel_register() (bsc#1221276).
* CVE-2023-52497: Fixed data corruption in erofs (bsc#1220879).
* CVE-2023-52501: Fixed possible memory corruption in ring-buffer
(bsc#1220885).
* CVE-2023-52502: Fixed a race condition in nfc_llcp_sock_get() and
nfc_llcp_sock_get_sn() (bsc#1220831).
* CVE-2023-52504: Fixed possible out-of bounds in apply_alternatives() on a
5-level paging machine (bsc#1221553).
* CVE-2023-52507: Fixed possible shift-out-of-bounds in nfc/nci (bsc#1220833).
* CVE-2023-52508: Fixed null pointer dereference in nvme_fc_io_getuuid()
(bsc#1221015).
* CVE-2023-52509: Fixed a use-after-free issue in ravb_tx_timeout_work()
(bsc#1220836).
* CVE-2023-52510: Fixed a potential UAF in ca8210_probe() (bsc#1220898).
* CVE-2023-52511: Fixed possible memory corruption in spi/sun6i (bsc#1221012).
* CVE-2023-52513: Fixed connection failure handling in RDMA/siw (bsc#1221022).
* CVE-2023-52515: Fixed possible use-after-free in RDMA/srp (bsc#1221048).
* CVE-2023-52517: Fixed race between DMA RX transfer completion and RX FIFO
drain in spi/sun6i (bsc#1221055).
* CVE-2023-52519: Fixed possible overflow in HID/intel-ish-hid/ipc
(bsc#1220920).
* CVE-2023-52520: Fixed reference leak in platform/x86/think-lmi
(bsc#1220921).
* CVE-2023-52523: Fixed wrong redirects to non-TCP sockets in bpf
(bsc#1220926).
* CVE-2023-52524: Fixed possible corruption in nfc/llcp (bsc#1220927).
* CVE-2023-52525: Fixed out of bounds check mwifiex_process_rx_packet()
(bsc#1220840).
* CVE-2023-52528: Fixed uninit-value access in __smsc75xx_read_reg()
(bsc#1220843).
* CVE-2023-52529: Fixed a potential memory leak in sony_probe() (bsc#1220929).
* CVE-2023-52532: Fixed a bug in TX CQE error handling (bsc#1220932).
* CVE-2023-52564: Reverted invalid fix for UAF in gsm_cleanup_mux()
(bsc#1220938).
* CVE-2023-52566: Fixed potential use after free in
nilfs_gccache_submit_read_data() (bsc#1220940).
* CVE-2023-52567: Fixed possible Oops in serial/8250_port: when using IRQ
polling (irq = 0) (bsc#1220839).
* CVE-2023-52569: Fixed a bug in btrfs by remoning BUG() after failure to
insert delayed dir index item (bsc#1220918).
* CVE-2023-52574: Fixed a bug by hiding new member header_ops (bsc#1220870).
* CVE-2023-52575: Fixed SBPB enablement for spec_rstack_overflow=off
(bsc#1220871).
* CVE-2023-52576: Fixed potential use after free in memblock_isolate_range()
(bsc#1220872).
* CVE-2023-52582: Fixed possible oops in netfs (bsc#1220878).
* CVE-2023-52583: Fixed deadlock or deadcode of misusing dget() inside ceph
(bsc#1221058).
* CVE-2023-52597: Fixed a setting of fpc register in KVM (bsc#1221040).
* CVE-2023-52605: Fixed a NULL pointer dereference check (bsc#1221039)
* CVE-2023-52621: Fixed missing asserion in bpf (bsc#1222073).
* CVE-2024-25742: Fixed insufficient validation during #VC instruction
emulation in x86/sev (bsc#1221725).
* CVE-2024-26600: Fixed NULL pointer dereference for SRP in phy-omap-usb2
(bsc#1220340).

The following non-security bugs were fixed:

* doc/README.SUSE: Update information about module support status
(jsc#PED-5759)
* group-source-files.pl: Quote filenames (boo#1221077).
* tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc (bsc#1222619).

## Special Instructions and Notes:

* Please reboot the system after installing this update.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap Micro 5.3
zypper in -t patch openSUSE-Leap-Micro-5.3-2024-1320=1

* openSUSE Leap Micro 5.4
zypper in -t patch openSUSE-Leap-Micro-5.4-2024-1320=1

* SUSE Linux Enterprise Micro for Rancher 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2024-1320=1

* SUSE Linux Enterprise Micro 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2024-1320=1

* SUSE Linux Enterprise Micro for Rancher 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2024-1320=1

* SUSE Linux Enterprise Micro 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2024-1320=1

## Package List:

* openSUSE Leap Micro 5.3 (nosrc x86_64)
* kernel-rt-5.14.21-150400.15.76.1
* openSUSE Leap Micro 5.3 (x86_64)
* kernel-rt-debuginfo-5.14.21-150400.15.76.1
* kernel-rt-debugsource-5.14.21-150400.15.76.1
* openSUSE Leap Micro 5.4 (nosrc x86_64)
* kernel-rt-5.14.21-150400.15.76.1
* openSUSE Leap Micro 5.4 (x86_64)
* kernel-rt-debuginfo-5.14.21-150400.15.76.1
* kernel-rt-debugsource-5.14.21-150400.15.76.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (nosrc x86_64)
* kernel-rt-5.14.21-150400.15.76.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (x86_64)
* kernel-rt-debuginfo-5.14.21-150400.15.76.1
* kernel-rt-debugsource-5.14.21-150400.15.76.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (noarch)
* kernel-source-rt-5.14.21-150400.15.76.1
* SUSE Linux Enterprise Micro 5.3 (nosrc x86_64)
* kernel-rt-5.14.21-150400.15.76.1
* SUSE Linux Enterprise Micro 5.3 (x86_64)
* kernel-rt-debuginfo-5.14.21-150400.15.76.1
* kernel-rt-debugsource-5.14.21-150400.15.76.1
* SUSE Linux Enterprise Micro 5.3 (noarch)
* kernel-source-rt-5.14.21-150400.15.76.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (nosrc x86_64)
* kernel-rt-5.14.21-150400.15.76.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (x86_64)
* kernel-rt-debuginfo-5.14.21-150400.15.76.1
* kernel-rt-debugsource-5.14.21-150400.15.76.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (noarch)
* kernel-source-rt-5.14.21-150400.15.76.1
* SUSE Linux Enterprise Micro 5.4 (nosrc x86_64)
* kernel-rt-5.14.21-150400.15.76.1
* SUSE Linux Enterprise Micro 5.4 (x86_64)
* kernel-rt-debuginfo-5.14.21-150400.15.76.1
* kernel-rt-debugsource-5.14.21-150400.15.76.1
* SUSE Linux Enterprise Micro 5.4 (noarch)
* kernel-source-rt-5.14.21-150400.15.76.1

## References:

* https://www.suse.com/security/cve/CVE-2021-46925.html
* https://www.suse.com/security/cve/CVE-2021-46926.html
* https://www.suse.com/security/cve/CVE-2021-46927.html
* https://www.suse.com/security/cve/CVE-2021-46929.html
* https://www.suse.com/security/cve/CVE-2021-46930.html
* https://www.suse.com/security/cve/CVE-2021-46931.html
* https://www.suse.com/security/cve/CVE-2021-46933.html
* https://www.suse.com/security/cve/CVE-2021-46936.html
* https://www.suse.com/security/cve/CVE-2021-47082.html
* https://www.suse.com/security/cve/CVE-2021-47087.html
* https://www.suse.com/security/cve/CVE-2021-47091.html
* https://www.suse.com/security/cve/CVE-2021-47093.html
* https://www.suse.com/security/cve/CVE-2021-47094.html
* https://www.suse.com/security/cve/CVE-2021-47095.html
* https://www.suse.com/security/cve/CVE-2021-47096.html
* https://www.suse.com/security/cve/CVE-2021-47097.html
* https://www.suse.com/security/cve/CVE-2021-47098.html
* https://www.suse.com/security/cve/CVE-2021-47099.html
* https://www.suse.com/security/cve/CVE-2021-47100.html
* https://www.suse.com/security/cve/CVE-2021-47101.html
* https://www.suse.com/security/cve/CVE-2021-47102.html
* https://www.suse.com/security/cve/CVE-2021-47104.html
* https://www.suse.com/security/cve/CVE-2021-47105.html
* https://www.suse.com/security/cve/CVE-2021-47107.html
* https://www.suse.com/security/cve/CVE-2021-47108.html
* https://www.suse.com/security/cve/CVE-2022-48626.html
* https://www.suse.com/security/cve/CVE-2022-48629.html
* https://www.suse.com/security/cve/CVE-2022-48630.html
* https://www.suse.com/security/cve/CVE-2023-35827.html
* https://www.suse.com/security/cve/CVE-2023-52450.html
* https://www.suse.com/security/cve/CVE-2023-52454.html
* https://www.suse.com/security/cve/CVE-2023-52469.html
* https://www.suse.com/security/cve/CVE-2023-52470.html
* https://www.suse.com/security/cve/CVE-2023-52474.html
* https://www.suse.com/security/cve/CVE-2023-52477.html
* https://www.suse.com/security/cve/CVE-2023-52492.html
* https://www.suse.com/security/cve/CVE-2023-52497.html
* https://www.suse.com/security/cve/CVE-2023-52501.html
* https://www.suse.com/security/cve/CVE-2023-52502.html
* https://www.suse.com/security/cve/CVE-2023-52504.html
* https://www.suse.com/security/cve/CVE-2023-52507.html
* https://www.suse.com/security/cve/CVE-2023-52508.html
* https://www.suse.com/security/cve/CVE-2023-52509.html
* https://www.suse.com/security/cve/CVE-2023-52510.html
* https://www.suse.com/security/cve/CVE-2023-52511.html
* https://www.suse.com/security/cve/CVE-2023-52513.html
* https://www.suse.com/security/cve/CVE-2023-52515.html
* https://www.suse.com/security/cve/CVE-2023-52517.html
* https://www.suse.com/security/cve/CVE-2023-52519.html
* https://www.suse.com/security/cve/CVE-2023-52520.html
* https://www.suse.com/security/cve/CVE-2023-52523.html
* https://www.suse.com/security/cve/CVE-2023-52524.html
* https://www.suse.com/security/cve/CVE-2023-52525.html
* https://www.suse.com/security/cve/CVE-2023-52528.html
* https://www.suse.com/security/cve/CVE-2023-52529.html
* https://www.suse.com/security/cve/CVE-2023-52532.html
* https://www.suse.com/security/cve/CVE-2023-52564.html
* https://www.suse.com/security/cve/CVE-2023-52566.html
* https://www.suse.com/security/cve/CVE-2023-52567.html
* https://www.suse.com/security/cve/CVE-2023-52569.html
* https://www.suse.com/security/cve/CVE-2023-52574.html
* https://www.suse.com/security/cve/CVE-2023-52575.html
* https://www.suse.com/security/cve/CVE-2023-52576.html
* https://www.suse.com/security/cve/CVE-2023-52582.html
* https://www.suse.com/security/cve/CVE-2023-52583.html
* https://www.suse.com/security/cve/CVE-2023-52597.html
* https://www.suse.com/security/cve/CVE-2023-52605.html
* https://www.suse.com/security/cve/CVE-2023-52621.html
* https://www.suse.com/security/cve/CVE-2024-25742.html
* https://www.suse.com/security/cve/CVE-2024-26600.html
* https://bugzilla.suse.com/show_bug.cgi?id=1212514
* https://bugzilla.suse.com/show_bug.cgi?id=1220237
* https://bugzilla.suse.com/show_bug.cgi?id=1220320
* https://bugzilla.suse.com/show_bug.cgi?id=1220340
* https://bugzilla.suse.com/show_bug.cgi?id=1220366
* https://bugzilla.suse.com/show_bug.cgi?id=1220411
* https://bugzilla.suse.com/show_bug.cgi?id=1220413
* https://bugzilla.suse.com/show_bug.cgi?id=1220439
* https://bugzilla.suse.com/show_bug.cgi?id=1220443
* https://bugzilla.suse.com/show_bug.cgi?id=1220445
* https://bugzilla.suse.com/show_bug.cgi?id=1220466
* https://bugzilla.suse.com/show_bug.cgi?id=1220478
* https://bugzilla.suse.com/show_bug.cgi?id=1220482
* https://bugzilla.suse.com/show_bug.cgi?id=1220484
* https://bugzilla.suse.com/show_bug.cgi?id=1220486
* https://bugzilla.suse.com/show_bug.cgi?id=1220487
* https://bugzilla.suse.com/show_bug.cgi?id=1220790
* https://bugzilla.suse.com/show_bug.cgi?id=1220831
* https://bugzilla.suse.com/show_bug.cgi?id=1220833
* https://bugzilla.suse.com/show_bug.cgi?id=1220836
* https://bugzilla.suse.com/show_bug.cgi?id=1220839
* https://bugzilla.suse.com/show_bug.cgi?id=1220840
* https://bugzilla.suse.com/show_bug.cgi?id=1220843
* https://bugzilla.suse.com/show_bug.cgi?id=1220870
* https://bugzilla.suse.com/show_bug.cgi?id=1220871
* https://bugzilla.suse.com/show_bug.cgi?id=1220872
* https://bugzilla.suse.com/show_bug.cgi?id=1220878
* https://bugzilla.suse.com/show_bug.cgi?id=1220879
* https://bugzilla.suse.com/show_bug.cgi?id=1220885
* https://bugzilla.suse.com/show_bug.cgi?id=1220898
* https://bugzilla.suse.com/show_bug.cgi?id=1220918
* https://bugzilla.suse.com/show_bug.cgi?id=1220920
* https://bugzilla.suse.com/show_bug.cgi?id=1220921
* https://bugzilla.suse.com/show_bug.cgi?id=1220926
* https://bugzilla.suse.com/show_bug.cgi?id=1220927
* https://bugzilla.suse.com/show_bug.cgi?id=1220929
* https://bugzilla.suse.com/show_bug.cgi?id=1220932
* https://bugzilla.suse.com/show_bug.cgi?id=1220938
* https://bugzilla.suse.com/show_bug.cgi?id=1220940
* https://bugzilla.suse.com/show_bug.cgi?id=1220954
* https://bugzilla.suse.com/show_bug.cgi?id=1220955
* https://bugzilla.suse.com/show_bug.cgi?id=1220959
* https://bugzilla.suse.com/show_bug.cgi?id=1220960
* https://bugzilla.suse.com/show_bug.cgi?id=1220961
* https://bugzilla.suse.com/show_bug.cgi?id=1220965
* https://bugzilla.suse.com/show_bug.cgi?id=1220969
* https://bugzilla.suse.com/show_bug.cgi?id=1220978
* https://bugzilla.suse.com/show_bug.cgi?id=1220979
* https://bugzilla.suse.com/show_bug.cgi?id=1220981
* https://bugzilla.suse.com/show_bug.cgi?id=1220982
* https://bugzilla.suse.com/show_bug.cgi?id=1220983
* https://bugzilla.suse.com/show_bug.cgi?id=1220985
* https://bugzilla.suse.com/show_bug.cgi?id=1220986
* https://bugzilla.suse.com/show_bug.cgi?id=1220987
* https://bugzilla.suse.com/show_bug.cgi?id=1220989
* https://bugzilla.suse.com/show_bug.cgi?id=1220990
* https://bugzilla.suse.com/show_bug.cgi?id=1221009
* https://bugzilla.suse.com/show_bug.cgi?id=1221012
* https://bugzilla.suse.com/show_bug.cgi?id=1221015
* https://bugzilla.suse.com/show_bug.cgi?id=1221022
* https://bugzilla.suse.com/show_bug.cgi?id=1221039
* https://bugzilla.suse.com/show_bug.cgi?id=1221040
* https://bugzilla.suse.com/show_bug.cgi?id=1221048
* https://bugzilla.suse.com/show_bug.cgi?id=1221055
* https://bugzilla.suse.com/show_bug.cgi?id=1221058
* https://bugzilla.suse.com/show_bug.cgi?id=1221077
* https://bugzilla.suse.com/show_bug.cgi?id=1221276
* https://bugzilla.suse.com/show_bug.cgi?id=1221551
* https://bugzilla.suse.com/show_bug.cgi?id=1221553
* https://bugzilla.suse.com/show_bug.cgi?id=1221725
* https://bugzilla.suse.com/show_bug.cgi?id=1222073
* https://bugzilla.suse.com/show_bug.cgi?id=1222619
* https://jira.suse.com/browse/PED-5759



SUSE-SU-2024:1321-1: important: Security update for the Linux Kernel


# Security update for the Linux Kernel

Announcement ID: SUSE-SU-2024:1321-1
Rating: important
References:

* bsc#1200599
* bsc#1209635
* bsc#1212514
* bsc#1213456
* bsc#1217987
* bsc#1217988
* bsc#1217989
* bsc#1220237
* bsc#1220251
* bsc#1220320
* bsc#1220340
* bsc#1220366
* bsc#1220411
* bsc#1220413
* bsc#1220439
* bsc#1220443
* bsc#1220445
* bsc#1220466
* bsc#1220478
* bsc#1220482
* bsc#1220484
* bsc#1220486
* bsc#1220487
* bsc#1220790
* bsc#1220831
* bsc#1220833
* bsc#1220836
* bsc#1220839
* bsc#1220840
* bsc#1220843
* bsc#1220870
* bsc#1220871
* bsc#1220872
* bsc#1220878
* bsc#1220879
* bsc#1220885
* bsc#1220898
* bsc#1220918
* bsc#1220920
* bsc#1220921
* bsc#1220926
* bsc#1220927
* bsc#1220929
* bsc#1220932
* bsc#1220938
* bsc#1220940
* bsc#1220954
* bsc#1220955
* bsc#1220959
* bsc#1220960
* bsc#1220961
* bsc#1220965
* bsc#1220969
* bsc#1220978
* bsc#1220979
* bsc#1220981
* bsc#1220982
* bsc#1220983
* bsc#1220985
* bsc#1220986
* bsc#1220987
* bsc#1220989
* bsc#1220990
* bsc#1221009
* bsc#1221012
* bsc#1221015
* bsc#1221022
* bsc#1221039
* bsc#1221040
* bsc#1221048
* bsc#1221055
* bsc#1221058
* bsc#1221077
* bsc#1221276
* bsc#1221551
* bsc#1221553
* bsc#1221725
* bsc#1222073
* bsc#1222619
* jsc#PED-5759

Cross-References:

* CVE-2021-46925
* CVE-2021-46926
* CVE-2021-46927
* CVE-2021-46929
* CVE-2021-46930
* CVE-2021-46931
* CVE-2021-46933
* CVE-2021-46936
* CVE-2021-47082
* CVE-2021-47087
* CVE-2021-47091
* CVE-2021-47093
* CVE-2021-47094
* CVE-2021-47095
* CVE-2021-47096
* CVE-2021-47097
* CVE-2021-47098
* CVE-2021-47099
* CVE-2021-47100
* CVE-2021-47101
* CVE-2021-47102
* CVE-2021-47104
* CVE-2021-47105
* CVE-2021-47107
* CVE-2021-47108
* CVE-2022-20154
* CVE-2022-4744
* CVE-2022-48626
* CVE-2022-48629
* CVE-2022-48630
* CVE-2023-28746
* CVE-2023-35827
* CVE-2023-52447
* CVE-2023-52450
* CVE-2023-52454
* CVE-2023-52469
* CVE-2023-52470
* CVE-2023-52474
* CVE-2023-52477
* CVE-2023-52492
* CVE-2023-52497
* CVE-2023-52501
* CVE-2023-52502
* CVE-2023-52504
* CVE-2023-52507
* CVE-2023-52508
* CVE-2023-52509
* CVE-2023-52510
* CVE-2023-52511
* CVE-2023-52513
* CVE-2023-52515
* CVE-2023-52517
* CVE-2023-52519
* CVE-2023-52520
* CVE-2023-52523
* CVE-2023-52524
* CVE-2023-52525
* CVE-2023-52528
* CVE-2023-52529
* CVE-2023-52532
* CVE-2023-52564
* CVE-2023-52566
* CVE-2023-52567
* CVE-2023-52569
* CVE-2023-52574
* CVE-2023-52575
* CVE-2023-52576
* CVE-2023-52582
* CVE-2023-52583
* CVE-2023-52597
* CVE-2023-52605
* CVE-2023-52621
* CVE-2023-6356
* CVE-2023-6535
* CVE-2023-6536
* CVE-2024-25742
* CVE-2024-26600

CVSS scores:

* CVE-2021-46925 ( SUSE ): 5.3 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-46925 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-46926 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-46927 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-46927 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-46929 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
* CVE-2021-46929 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-46930 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
* CVE-2021-46930 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-46931 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-46931 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-46933 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
* CVE-2021-46933 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-46936 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-46936 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2021-47082 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47087 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
* CVE-2021-47093 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H
* CVE-2021-47094 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2021-47095 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47096 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
* CVE-2021-47097 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2021-47099 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47100 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47101 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
* CVE-2021-47102 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47104 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2021-47105 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2021-47107 ( SUSE ): 6.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
* CVE-2021-47108 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-20154 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-20154 ( NVD ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-4744 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-4744 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48626 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
* CVE-2022-48629 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2022-48630 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-28746 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
* CVE-2023-35827 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-52447 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-52447 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-52450 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52450 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52454 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52469 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
* CVE-2023-52470 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52474 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
* CVE-2023-52477 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52492 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52497 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
* CVE-2023-52501 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2023-52502 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-52504 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52507 ( SUSE ): 5.7 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2023-52508 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52509 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-52510 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-52511 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52513 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52515 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52517 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52519 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52520 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52523 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52524 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52525 ( SUSE ): 3.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
* CVE-2023-52528 ( SUSE ): 3.5 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
* CVE-2023-52529 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52532 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52564 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52566 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52567 ( SUSE ): 2.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L
* CVE-2023-52569 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52574 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52575 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52576 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52582 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52583 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52597 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:H
* CVE-2023-52605 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52621 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-6356 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-6356 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-6535 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-6535 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-6536 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-6536 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-25742 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26600 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* openSUSE Leap 15.4
* openSUSE Leap Micro 5.3
* openSUSE Leap Micro 5.4
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise High Availability Extension 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise Live Patching 15-SP4
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro for Rancher 5.3
* SUSE Linux Enterprise Micro for Rancher 5.4
* SUSE Linux Enterprise Real Time 15 SP4
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3

An update that solves 77 vulnerabilities, contains one feature and has two
security fixes can now be installed.

## Description:

The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security
bugfixes.

The following security bugs were fixed:

* CVE-2024-25742: Fixed insufficient validation during #VC instruction
emulation in x86/sev (bsc#1221725).
* CVE-2023-52519: Fixed possible overflow in HID/intel-ish-hid/ipc
(bsc#1220920).
* CVE-2023-52529: Fixed a potential memory leak in sony_probe() (bsc#1220929).
* CVE-2023-52474: Fixed a vulnerability with non-PAGE_SIZE-end multi-iovec
user SDMA requests (bsc#1220445).
* CVE-2023-52513: Fixed connection failure handling in RDMA/siw (bsc#1221022).
* CVE-2023-52515: Fixed possible use-after-free in RDMA/srp (bsc#1221048).
* CVE-2023-52564: Reverted invalid fix for UAF in gsm_cleanup_mux()
(bsc#1220938).
* CVE-2023-52447: Fixed map_fd_put_ptr() signature kABI workaround
(bsc#1220251).
* CVE-2023-52510: Fixed a potential UAF in ca8210_probe() (bsc#1220898).
* CVE-2023-52524: Fixed possible corruption in nfc/llcp (bsc#1220927).
* CVE-2023-52528: Fixed uninit-value access in __smsc75xx_read_reg()
(bsc#1220843).
* CVE-2023-52507: Fixed possible shift-out-of-bounds in nfc/nci (bsc#1220833).
* CVE-2023-52566: Fixed potential use after free in
nilfs_gccache_submit_read_data() (bsc#1220940).
* CVE-2023-52508: Fixed null pointer dereference in nvme_fc_io_getuuid()
(bsc#1221015).
* CVE-2023-6535: Fixed a NULL pointer dereference in nvmet_tcp_execute_request
(bsc#1217988).
* CVE-2023-6536: Fixed a NULL pointer dereference in __nvmet_req_complete
(bsc#1217989).
* CVE-2023-6356: Fixed a NULL pointer dereference in nvmet_tcp_build_pdu_iovec
(bsc#1217987).
* CVE-2023-52454: Fixed a kernel panic when host sends an invalid H2C PDU
length (bsc#1220320).
* CVE-2023-52520: Fixed reference leak in platform/x86/think-lmi
(bsc#1220921).
* CVE-2023-35827: Fixed a use-after-free issue in ravb_tx_timeout_work()
(bsc#1212514).
* CVE-2023-52509: Fixed a use-after-free issue in ravb_tx_timeout_work()
(bsc#1220836).
* CVE-2023-52501: Fixed possible memory corruption in ring-buffer
(bsc#1220885).
* CVE-2023-52567: Fixed possible Oops in serial/8250_port: when using IRQ
polling (irq = 0) (bsc#1220839).
* CVE-2023-52517: Fixed race between DMA RX transfer completion and RX FIFO
drain in spi/sun6i (bsc#1221055).
* CVE-2023-52511: Fixed possible memory corruption in spi/sun6i (bsc#1221012).
* CVE-2023-52525: Fixed out of bounds check mwifiex_process_rx_packet()
(bsc#1220840).
* CVE-2023-52504: Fixed possible out-of bounds in apply_alternatives() on a
5-level paging machine (bsc#1221553).
* CVE-2023-52575: Fixed SBPB enablement for spec_rstack_overflow=off
(bsc#1220871).
* CVE-2022-48626: Fixed a potential use-after-free on remove path moxart
(bsc#1220366).
* CVE-2022-48629: Fixed possible memory leak in qcom-rng (bsc#1220989).
* CVE-2022-48630: Fixed infinite loop on requests not multiple of WORD_SZ in
crypto: qcom-rng (bsc#1220990).
* CVE-2021-46926: Fixed bug when detecting controllers in ALSA/hda/intel-sdw-
acpi (bsc#1220478).
* CVE-2021-47096: Fixed uninitalized user_pversion in ALSA rawmidi
(bsc#1220981).
* CVE-2021-47104: Fixed memory leak in qib_user_sdma_queue_pkts()
(bsc#1220960).
* CVE-2021-47097: Fixed stack out of bound access in
elantech_change_report_id() (bsc#1220982).
* CVE-2021-47094: Fixed possible memory leak in KVM x86/mmu (bsc#1221551).
* CVE-2021-47107: Fixed READDIR buffer overflow in NFSD (bsc#1220965).
* CVE-2021-47101: Fixed uninit-value in asix_mdio_read() (bsc#1220987).
* CVE-2021-47108: Fixed possible NULL pointer dereference for mtk_hdmi_conf in
drm/mediatek (bsc#1220986).
* CVE-2021-47098: Fixed integer overflow/underflow in hysteresis calculations
hwmon: (lm90) (bsc#1220983).
* CVE-2021-47100: Fixed UAF when uninstall in ipmi (bsc#1220985).
* CVE-2021-47095: Fixed missing initialization in ipmi/ssif (bsc#1220979).
* CVE-2021-47091: Fixed locking in ieee80211_start_ap()) error path
(bsc#1220959).
* CVE-2021-46936: Fixed use-after-free in tw_timer_handler() (bsc#1220439).
* CVE-2021-47102: Fixed incorrect structure access In line: upper =
info->upper_dev in net/marvell/prestera (bsc#1221009).
* CVE-2021-46925: Fixed kernel panic caused by race of smc_sock (bsc#1220466).
* CVE-2021-46927: Fixed assertion bug in nitro_enclaves: Use
get_user_pages_unlocked() (bsc#1220443).
* CVE-2021-47093: Fixed memleak on registration failure in intel_pmc_core
(bsc#1220978).
* CVE-2022-20154: Fixed a use after free due to a race condition in
lock_sock_nested of sock.c. This could lead to local escalation of privilege
with System execution privileges needed (bsc#1200599).
* CVE-2021-46929: Fixed use-after-free issue in sctp_sock_dump()
(bsc#1220482).
* CVE-2021-47087: Fixed incorrect page free bug in tee/optee (bsc#1220954).
* CVE-2022-4744: Fixed double-free that could lead to DoS or privilege
escalation in TUN/TAP device driver functionality (bsc#1209635).
* CVE-2021-47082: Fixed ouble free in tun_free_netdev() (bsc#1220969).
* CVE-2021-46933: Fixed possible underflow in ffs_data_clear() (bsc#1220487).
* CVE-2021-46930: Fixed usb/mtu3 list_head check warning (bsc#1220484).
* CVE-2021-47099: Fixed BUG_ON assertion in veth when skb entering GRO are
cloned (bsc#1220955).
* CVE-2023-52492: Fixed a null-pointer-dereference in channel unregistration
function __dma_async_device_channel_register() (bsc#1221276).
* CVE-2023-52450: Fixed NULL pointer dereference issue in upi_fill_topology()
(bsc#1220237).
* CVE-2023-28746: Fixed Register File Data Sampling (bsc#1213456).
* CVE-2023-52583: Fixed deadlock or deadcode of misusing dget() inside ceph
(bsc#1221058).
* CVE-2023-52582: Fixed possible oops in netfs (bsc#1220878).
* CVE-2023-52477: Fixed USB Hub accesses to uninitialized BOS descriptors
(bsc#1220790).
* CVE-2023-52470: Fixed null-ptr-deref in radeon_crtc_init() (bsc#1220413).
* CVE-2023-52469: Fixed a use-after-free in kv_parse_power_table
(bsc#1220411).
* CVE-2023-52576: Fixed potential use after free in memblock_isolate_range()
(bsc#1220872).
* CVE-2024-26600: Fixed NULL pointer dereference for SRP in phy-omap-usb2
(bsc#1220340).
* CVE-2023-52497: Fixed data corruption in erofs (bsc#1220879).
* CVE-2023-52605: Fixed a NULL pointer dereference check (bsc#1221039)
* CVE-2023-52569: Fixed a bug in btrfs by remoning BUG() after failure to
insert delayed dir index item (bsc#1220918).
* CVE-2023-52502: Fixed a race condition in nfc_llcp_sock_get() and
nfc_llcp_sock_get_sn() (bsc#1220831).
* CVE-2023-52574: Fixed a bug by hiding new member header_ops (bsc#1220870).
* CVE-2023-52597: Fixed a setting of fpc register in KVM (bsc#1221040).
* CVE-2023-52523: Fixed wrong redirects to non-TCP sockets in bpf
(bsc#1220926).
* CVE-2021-47105: Fixed potential memory leak in ice/xsk (bsc#1220961).
* CVE-2023-52532: Fixed a bug in TX CQE error handling (bsc#1220932).
* CVE-2021-46931: Fixed wrong type casting in mlx5e_tx_reporter_dump_sq()
(bsc#1220486).

The following non-security bugs were fixed:

* doc/README.SUSE: Update information about module support status
(jsc#PED-5759)
* tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc (bsc#1222619).

## Special Instructions and Notes:

* Please reboot the system after installing this update.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
zypper in -t patch SUSE-2024-1321=1

* openSUSE Leap Micro 5.3
zypper in -t patch openSUSE-Leap-Micro-5.3-2024-1321=1

* openSUSE Leap Micro 5.4
zypper in -t patch openSUSE-Leap-Micro-5.4-2024-1321=1

* SUSE Linux Enterprise Micro for Rancher 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2024-1321=1

* SUSE Linux Enterprise Micro 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2024-1321=1

* SUSE Linux Enterprise Micro for Rancher 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2024-1321=1

* SUSE Linux Enterprise Micro 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2024-1321=1

* SUSE Linux Enterprise Live Patching 15-SP4
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2024-1321=1
Please note that this is the initial kernel livepatch without fixes itself, this
package is later updated by separate standalone kernel livepatch updates.

* SUSE Linux Enterprise High Availability Extension 15 SP4
zypper in -t patch SUSE-SLE-Product-HA-15-SP4-2024-1321=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-1321=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-1321=1

* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-1321=1

* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-1321=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP4
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-1321=1

* SUSE Manager Proxy 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-1321=1

* SUSE Manager Retail Branch Server 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-2024-1321=1

* SUSE Manager Server 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-1321=1

## Package List:

* openSUSE Leap 15.4 (noarch nosrc)
* kernel-docs-5.14.21-150400.24.116.1
* openSUSE Leap 15.4 (noarch)
* kernel-devel-5.14.21-150400.24.116.1
* kernel-source-vanilla-5.14.21-150400.24.116.1
* kernel-source-5.14.21-150400.24.116.1
* kernel-docs-html-5.14.21-150400.24.116.1
* kernel-macros-5.14.21-150400.24.116.1
* openSUSE Leap 15.4 (nosrc ppc64le x86_64)
* kernel-debug-5.14.21-150400.24.116.1
* openSUSE Leap 15.4 (ppc64le x86_64)
* kernel-debug-debuginfo-5.14.21-150400.24.116.1
* kernel-debug-devel-5.14.21-150400.24.116.1
* kernel-debug-devel-debuginfo-5.14.21-150400.24.116.1
* kernel-debug-debugsource-5.14.21-150400.24.116.1
* kernel-debug-livepatch-devel-5.14.21-150400.24.116.1
* openSUSE Leap 15.4 (aarch64 ppc64le x86_64)
* kernel-kvmsmall-devel-debuginfo-5.14.21-150400.24.116.1
* kernel-kvmsmall-debugsource-5.14.21-150400.24.116.1
* kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.116.1
* kernel-kvmsmall-devel-5.14.21-150400.24.116.1
* kernel-default-base-rebuild-5.14.21-150400.24.116.1.150400.24.54.5
* kernel-kvmsmall-debuginfo-5.14.21-150400.24.116.1
* kernel-default-base-5.14.21-150400.24.116.1.150400.24.54.5
* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64)
* gfs2-kmp-default-5.14.21-150400.24.116.1
* dlm-kmp-default-debuginfo-5.14.21-150400.24.116.1
* kernel-default-livepatch-devel-5.14.21-150400.24.116.1
* kernel-obs-build-5.14.21-150400.24.116.1
* kernel-obs-qa-5.14.21-150400.24.116.1
* kernel-default-devel-5.14.21-150400.24.116.1
* reiserfs-kmp-default-debuginfo-5.14.21-150400.24.116.1
* kernel-syms-5.14.21-150400.24.116.1
* kernel-default-extra-debuginfo-5.14.21-150400.24.116.1
* kernel-default-optional-debuginfo-5.14.21-150400.24.116.1
* kernel-default-debugsource-5.14.21-150400.24.116.1
* kernel-default-livepatch-5.14.21-150400.24.116.1
* ocfs2-kmp-default-debuginfo-5.14.21-150400.24.116.1
* cluster-md-kmp-default-debuginfo-5.14.21-150400.24.116.1
* kernel-default-optional-5.14.21-150400.24.116.1
* kernel-obs-build-debugsource-5.14.21-150400.24.116.1
* kernel-default-extra-5.14.21-150400.24.116.1
* kselftests-kmp-default-debuginfo-5.14.21-150400.24.116.1
* kernel-default-devel-debuginfo-5.14.21-150400.24.116.1
* reiserfs-kmp-default-5.14.21-150400.24.116.1
* kernel-default-debuginfo-5.14.21-150400.24.116.1
* ocfs2-kmp-default-5.14.21-150400.24.116.1
* dlm-kmp-default-5.14.21-150400.24.116.1
* cluster-md-kmp-default-5.14.21-150400.24.116.1
* gfs2-kmp-default-debuginfo-5.14.21-150400.24.116.1
* kselftests-kmp-default-5.14.21-150400.24.116.1
* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 nosrc)
* kernel-default-5.14.21-150400.24.116.1
* openSUSE Leap 15.4 (aarch64 nosrc ppc64le x86_64)
* kernel-kvmsmall-5.14.21-150400.24.116.1
* openSUSE Leap 15.4 (ppc64le s390x x86_64)
* kernel-livepatch-SLE15-SP4_Update_25-debugsource-1-150400.9.5.1
* kernel-livepatch-5_14_21-150400_24_116-default-debuginfo-1-150400.9.5.1
* kernel-livepatch-5_14_21-150400_24_116-default-1-150400.9.5.1
* openSUSE Leap 15.4 (nosrc s390x)
* kernel-zfcpdump-5.14.21-150400.24.116.1
* openSUSE Leap 15.4 (s390x)
* kernel-zfcpdump-debuginfo-5.14.21-150400.24.116.1
* kernel-zfcpdump-debugsource-5.14.21-150400.24.116.1
* openSUSE Leap 15.4 (nosrc)
* dtb-aarch64-5.14.21-150400.24.116.1
* openSUSE Leap 15.4 (aarch64)
* gfs2-kmp-64kb-debuginfo-5.14.21-150400.24.116.1
* dtb-broadcom-5.14.21-150400.24.116.1
* dlm-kmp-64kb-5.14.21-150400.24.116.1
* dtb-exynos-5.14.21-150400.24.116.1
* cluster-md-kmp-64kb-debuginfo-5.14.21-150400.24.116.1
* reiserfs-kmp-64kb-5.14.21-150400.24.116.1
* kselftests-kmp-64kb-debuginfo-5.14.21-150400.24.116.1
* dtb-amd-5.14.21-150400.24.116.1
* kernel-64kb-extra-debuginfo-5.14.21-150400.24.116.1
* kernel-64kb-livepatch-devel-5.14.21-150400.24.116.1
* dtb-marvell-5.14.21-150400.24.116.1
* dtb-nvidia-5.14.21-150400.24.116.1
* dtb-xilinx-5.14.21-150400.24.116.1
* cluster-md-kmp-64kb-5.14.21-150400.24.116.1
* kernel-64kb-devel-debuginfo-5.14.21-150400.24.116.1
* dtb-renesas-5.14.21-150400.24.116.1
* dtb-apm-5.14.21-150400.24.116.1
* dtb-hisilicon-5.14.21-150400.24.116.1
* kernel-64kb-devel-5.14.21-150400.24.116.1
* dtb-altera-5.14.21-150400.24.116.1
* kernel-64kb-debugsource-5.14.21-150400.24.116.1
* reiserfs-kmp-64kb-debuginfo-5.14.21-150400.24.116.1
* dtb-cavium-5.14.21-150400.24.116.1
* dtb-socionext-5.14.21-150400.24.116.1
* dtb-freescale-5.14.21-150400.24.116.1
* dtb-apple-5.14.21-150400.24.116.1
* dtb-rockchip-5.14.21-150400.24.116.1
* dlm-kmp-64kb-debuginfo-5.14.21-150400.24.116.1
* kselftests-kmp-64kb-5.14.21-150400.24.116.1
* gfs2-kmp-64kb-5.14.21-150400.24.116.1
* ocfs2-kmp-64kb-5.14.21-150400.24.116.1
* ocfs2-kmp-64kb-debuginfo-5.14.21-150400.24.116.1
* dtb-amlogic-5.14.21-150400.24.116.1
* dtb-sprd-5.14.21-150400.24.116.1
* dtb-amazon-5.14.21-150400.24.116.1
* kernel-64kb-extra-5.14.21-150400.24.116.1
* dtb-mediatek-5.14.21-150400.24.116.1
* kernel-64kb-optional-5.14.21-150400.24.116.1
* dtb-arm-5.14.21-150400.24.116.1
* kernel-64kb-optional-debuginfo-5.14.21-150400.24.116.1
* kernel-64kb-debuginfo-5.14.21-150400.24.116.1
* dtb-allwinner-5.14.21-150400.24.116.1
* dtb-lg-5.14.21-150400.24.116.1
* dtb-qcom-5.14.21-150400.24.116.1
* openSUSE Leap 15.4 (aarch64 nosrc)
* kernel-64kb-5.14.21-150400.24.116.1
* openSUSE Leap Micro 5.3 (aarch64 nosrc x86_64)
* kernel-default-5.14.21-150400.24.116.1
* openSUSE Leap Micro 5.3 (aarch64 x86_64)
* kernel-default-base-5.14.21-150400.24.116.1.150400.24.54.5
* kernel-default-debuginfo-5.14.21-150400.24.116.1
* kernel-default-debugsource-5.14.21-150400.24.116.1
* openSUSE Leap Micro 5.4 (aarch64 nosrc s390x x86_64)
* kernel-default-5.14.21-150400.24.116.1
* openSUSE Leap Micro 5.4 (aarch64 x86_64)
* kernel-default-base-5.14.21-150400.24.116.1.150400.24.54.5
* openSUSE Leap Micro 5.4 (aarch64 s390x x86_64)
* kernel-default-debuginfo-5.14.21-150400.24.116.1
* kernel-default-debugsource-5.14.21-150400.24.116.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 nosrc s390x x86_64)
* kernel-default-5.14.21-150400.24.116.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 x86_64)
* kernel-default-base-5.14.21-150400.24.116.1.150400.24.54.5
* SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
* kernel-default-debuginfo-5.14.21-150400.24.116.1
* kernel-default-debugsource-5.14.21-150400.24.116.1
* SUSE Linux Enterprise Micro 5.3 (aarch64 nosrc s390x x86_64)
* kernel-default-5.14.21-150400.24.116.1
* SUSE Linux Enterprise Micro 5.3 (aarch64 x86_64)
* kernel-default-base-5.14.21-150400.24.116.1.150400.24.54.5
* SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
* kernel-default-debuginfo-5.14.21-150400.24.116.1
* kernel-default-debugsource-5.14.21-150400.24.116.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 nosrc s390x x86_64)
* kernel-default-5.14.21-150400.24.116.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 x86_64)
* kernel-default-base-5.14.21-150400.24.116.1.150400.24.54.5
* SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
* kernel-default-debuginfo-5.14.21-150400.24.116.1
* kernel-default-debugsource-5.14.21-150400.24.116.1
* SUSE Linux Enterprise Micro 5.4 (aarch64 nosrc s390x x86_64)
* kernel-default-5.14.21-150400.24.116.1
* SUSE Linux Enterprise Micro 5.4 (aarch64 x86_64)
* kernel-default-base-5.14.21-150400.24.116.1.150400.24.54.5
* SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
* kernel-default-debuginfo-5.14.21-150400.24.116.1
* kernel-default-debugsource-5.14.21-150400.24.116.1
* SUSE Linux Enterprise Live Patching 15-SP4 (nosrc)
* kernel-default-5.14.21-150400.24.116.1
* SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64)
* kernel-default-livepatch-devel-5.14.21-150400.24.116.1
* kernel-default-debugsource-5.14.21-150400.24.116.1
* kernel-livepatch-SLE15-SP4_Update_25-debugsource-1-150400.9.5.1
* kernel-default-livepatch-5.14.21-150400.24.116.1
* kernel-livepatch-5_14_21-150400_24_116-default-debuginfo-1-150400.9.5.1
* kernel-livepatch-5_14_21-150400_24_116-default-1-150400.9.5.1
* kernel-default-debuginfo-5.14.21-150400.24.116.1
* SUSE Linux Enterprise High Availability Extension 15 SP4 (aarch64 ppc64le
s390x x86_64)
* gfs2-kmp-default-5.14.21-150400.24.116.1
* dlm-kmp-default-debuginfo-5.14.21-150400.24.116.1
* kernel-default-debugsource-5.14.21-150400.24.116.1
* dlm-kmp-default-5.14.21-150400.24.116.1
* ocfs2-kmp-default-debuginfo-5.14.21-150400.24.116.1
* cluster-md-kmp-default-5.14.21-150400.24.116.1
* gfs2-kmp-default-debuginfo-5.14.21-150400.24.116.1
* cluster-md-kmp-default-debuginfo-5.14.21-150400.24.116.1
* kernel-default-debuginfo-5.14.21-150400.24.116.1
* ocfs2-kmp-default-5.14.21-150400.24.116.1
* SUSE Linux Enterprise High Availability Extension 15 SP4 (nosrc)
* kernel-default-5.14.21-150400.24.116.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
nosrc)
* kernel-64kb-5.14.21-150400.24.116.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64)
* kernel-64kb-devel-5.14.21-150400.24.116.1
* kernel-64kb-devel-debuginfo-5.14.21-150400.24.116.1
* kernel-64kb-debugsource-5.14.21-150400.24.116.1
* kernel-64kb-debuginfo-5.14.21-150400.24.116.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 nosrc
x86_64)
* kernel-default-5.14.21-150400.24.116.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
x86_64)
* kernel-default-debugsource-5.14.21-150400.24.116.1
* kernel-obs-build-5.14.21-150400.24.116.1
* kernel-default-devel-5.14.21-150400.24.116.1
* reiserfs-kmp-default-debuginfo-5.14.21-150400.24.116.1
* kernel-default-devel-debuginfo-5.14.21-150400.24.116.1
* kernel-syms-5.14.21-150400.24.116.1
* reiserfs-kmp-default-5.14.21-150400.24.116.1
* kernel-default-base-5.14.21-150400.24.116.1.150400.24.54.5
* kernel-default-debuginfo-5.14.21-150400.24.116.1
* kernel-obs-build-debugsource-5.14.21-150400.24.116.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
* kernel-source-5.14.21-150400.24.116.1
* kernel-devel-5.14.21-150400.24.116.1
* kernel-macros-5.14.21-150400.24.116.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch nosrc)
* kernel-docs-5.14.21-150400.24.116.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 nosrc)
* kernel-64kb-5.14.21-150400.24.116.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64)
* kernel-64kb-devel-5.14.21-150400.24.116.1
* kernel-64kb-devel-debuginfo-5.14.21-150400.24.116.1
* kernel-64kb-debugsource-5.14.21-150400.24.116.1
* kernel-64kb-debuginfo-5.14.21-150400.24.116.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 nosrc
x86_64)
* kernel-default-5.14.21-150400.24.116.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
x86_64)
* kernel-default-debugsource-5.14.21-150400.24.116.1
* kernel-obs-build-5.14.21-150400.24.116.1
* kernel-default-devel-5.14.21-150400.24.116.1
* reiserfs-kmp-default-debuginfo-5.14.21-150400.24.116.1
* kernel-default-devel-debuginfo-5.14.21-150400.24.116.1
* kernel-syms-5.14.21-150400.24.116.1
* reiserfs-kmp-default-5.14.21-150400.24.116.1
* kernel-default-base-5.14.21-150400.24.116.1.150400.24.54.5
* kernel-default-debuginfo-5.14.21-150400.24.116.1
* kernel-obs-build-debugsource-5.14.21-150400.24.116.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
* kernel-source-5.14.21-150400.24.116.1
* kernel-devel-5.14.21-150400.24.116.1
* kernel-macros-5.14.21-150400.24.116.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch nosrc)
* kernel-docs-5.14.21-150400.24.116.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (nosrc x86_64)
* kernel-default-5.14.21-150400.24.116.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64)
* kernel-default-debugsource-5.14.21-150400.24.116.1
* kernel-obs-build-5.14.21-150400.24.116.1
* kernel-default-devel-5.14.21-150400.24.116.1
* kernel-default-extra-5.14.21-150400.24.116.1
* kernel-default-devel-debuginfo-5.14.21-150400.24.116.1
* kernel-syms-5.14.21-150400.24.116.1
* kernel-default-extra-debuginfo-5.14.21-150400.24.116.1
* kernel-default-base-5.14.21-150400.24.116.1.150400.24.54.5
* kernel-default-debuginfo-5.14.21-150400.24.116.1
* kernel-obs-build-debugsource-5.14.21-150400.24.116.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (noarch)
* kernel-source-5.14.21-150400.24.116.1
* kernel-devel-5.14.21-150400.24.116.1
* kernel-macros-5.14.21-150400.24.116.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (noarch nosrc)
* kernel-docs-5.14.21-150400.24.116.1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 nosrc)
* kernel-64kb-5.14.21-150400.24.116.1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64)
* kernel-64kb-devel-5.14.21-150400.24.116.1
* kernel-64kb-devel-debuginfo-5.14.21-150400.24.116.1
* kernel-64kb-debugsource-5.14.21-150400.24.116.1
* kernel-64kb-debuginfo-5.14.21-150400.24.116.1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x
x86_64 nosrc)
* kernel-default-5.14.21-150400.24.116.1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le x86_64)
* kernel-default-base-5.14.21-150400.24.116.1.150400.24.54.5
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x
x86_64)
* kernel-default-debugsource-5.14.21-150400.24.116.1
* kernel-obs-build-5.14.21-150400.24.116.1
* kernel-default-devel-5.14.21-150400.24.116.1
* reiserfs-kmp-default-debuginfo-5.14.21-150400.24.116.1
* kernel-default-devel-debuginfo-5.14.21-150400.24.116.1
* kernel-syms-5.14.21-150400.24.116.1
* reiserfs-kmp-default-5.14.21-150400.24.116.1
* kernel-default-debuginfo-5.14.21-150400.24.116.1
* kernel-obs-build-debugsource-5.14.21-150400.24.116.1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch)
* kernel-source-5.14.21-150400.24.116.1
* kernel-devel-5.14.21-150400.24.116.1
* kernel-macros-5.14.21-150400.24.116.1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch nosrc)
* kernel-docs-5.14.21-150400.24.116.1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (nosrc s390x)
* kernel-zfcpdump-5.14.21-150400.24.116.1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (s390x)
* kernel-zfcpdump-debuginfo-5.14.21-150400.24.116.1
* kernel-zfcpdump-debugsource-5.14.21-150400.24.116.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (nosrc ppc64le
x86_64)
* kernel-default-5.14.21-150400.24.116.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
* kernel-default-debugsource-5.14.21-150400.24.116.1
* kernel-obs-build-5.14.21-150400.24.116.1
* kernel-default-devel-5.14.21-150400.24.116.1
* reiserfs-kmp-default-debuginfo-5.14.21-150400.24.116.1
* kernel-default-devel-debuginfo-5.14.21-150400.24.116.1
* kernel-syms-5.14.21-150400.24.116.1
* reiserfs-kmp-default-5.14.21-150400.24.116.1
* kernel-default-base-5.14.21-150400.24.116.1.150400.24.54.5
* kernel-default-debuginfo-5.14.21-150400.24.116.1
* kernel-obs-build-debugsource-5.14.21-150400.24.116.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch)
* kernel-source-5.14.21-150400.24.116.1
* kernel-devel-5.14.21-150400.24.116.1
* kernel-macros-5.14.21-150400.24.116.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch nosrc)
* kernel-docs-5.14.21-150400.24.116.1
* SUSE Manager Proxy 4.3 (nosrc x86_64)
* kernel-default-5.14.21-150400.24.116.1
* SUSE Manager Proxy 4.3 (x86_64)
* kernel-default-debugsource-5.14.21-150400.24.116.1
* kernel-default-devel-5.14.21-150400.24.116.1
* kernel-default-devel-debuginfo-5.14.21-150400.24.116.1
* kernel-syms-5.14.21-150400.24.116.1
* kernel-default-base-5.14.21-150400.24.116.1.150400.24.54.5
* kernel-default-debuginfo-5.14.21-150400.24.116.1
* SUSE Manager Proxy 4.3 (noarch)
* kernel-source-5.14.21-150400.24.116.1
* kernel-devel-5.14.21-150400.24.116.1
* kernel-macros-5.14.21-150400.24.116.1
* SUSE Manager Retail Branch Server 4.3 (nosrc x86_64)
* kernel-default-5.14.21-150400.24.116.1
* SUSE Manager Retail Branch Server 4.3 (x86_64)
* kernel-default-debugsource-5.14.21-150400.24.116.1
* kernel-default-devel-5.14.21-150400.24.116.1
* kernel-default-devel-debuginfo-5.14.21-150400.24.116.1
* kernel-default-base-5.14.21-150400.24.116.1.150400.24.54.5
* kernel-default-debuginfo-5.14.21-150400.24.116.1
* SUSE Manager Retail Branch Server 4.3 (noarch)
* kernel-devel-5.14.21-150400.24.116.1
* kernel-macros-5.14.21-150400.24.116.1
* SUSE Manager Server 4.3 (nosrc ppc64le s390x x86_64)
* kernel-default-5.14.21-150400.24.116.1
* SUSE Manager Server 4.3 (ppc64le x86_64)
* kernel-default-base-5.14.21-150400.24.116.1.150400.24.54.5
* SUSE Manager Server 4.3 (ppc64le s390x x86_64)
* kernel-default-debugsource-5.14.21-150400.24.116.1
* kernel-default-devel-5.14.21-150400.24.116.1
* kernel-default-devel-debuginfo-5.14.21-150400.24.116.1
* kernel-syms-5.14.21-150400.24.116.1
* kernel-default-debuginfo-5.14.21-150400.24.116.1
* SUSE Manager Server 4.3 (noarch)
* kernel-source-5.14.21-150400.24.116.1
* kernel-devel-5.14.21-150400.24.116.1
* kernel-macros-5.14.21-150400.24.116.1
* SUSE Manager Server 4.3 (nosrc s390x)
* kernel-zfcpdump-5.14.21-150400.24.116.1
* SUSE Manager Server 4.3 (s390x)
* kernel-zfcpdump-debuginfo-5.14.21-150400.24.116.1
* kernel-zfcpdump-debugsource-5.14.21-150400.24.116.1

## References:

* https://www.suse.com/security/cve/CVE-2021-46925.html
* https://www.suse.com/security/cve/CVE-2021-46926.html
* https://www.suse.com/security/cve/CVE-2021-46927.html
* https://www.suse.com/security/cve/CVE-2021-46929.html
* https://www.suse.com/security/cve/CVE-2021-46930.html
* https://www.suse.com/security/cve/CVE-2021-46931.html
* https://www.suse.com/security/cve/CVE-2021-46933.html
* https://www.suse.com/security/cve/CVE-2021-46936.html
* https://www.suse.com/security/cve/CVE-2021-47082.html
* https://www.suse.com/security/cve/CVE-2021-47087.html
* https://www.suse.com/security/cve/CVE-2021-47091.html
* https://www.suse.com/security/cve/CVE-2021-47093.html
* https://www.suse.com/security/cve/CVE-2021-47094.html
* https://www.suse.com/security/cve/CVE-2021-47095.html
* https://www.suse.com/security/cve/CVE-2021-47096.html
* https://www.suse.com/security/cve/CVE-2021-47097.html
* https://www.suse.com/security/cve/CVE-2021-47098.html
* https://www.suse.com/security/cve/CVE-2021-47099.html
* https://www.suse.com/security/cve/CVE-2021-47100.html
* https://www.suse.com/security/cve/CVE-2021-47101.html
* https://www.suse.com/security/cve/CVE-2021-47102.html
* https://www.suse.com/security/cve/CVE-2021-47104.html
* https://www.suse.com/security/cve/CVE-2021-47105.html
* https://www.suse.com/security/cve/CVE-2021-47107.html
* https://www.suse.com/security/cve/CVE-2021-47108.html
* https://www.suse.com/security/cve/CVE-2022-20154.html
* https://www.suse.com/security/cve/CVE-2022-4744.html
* https://www.suse.com/security/cve/CVE-2022-48626.html
* https://www.suse.com/security/cve/CVE-2022-48629.html
* https://www.suse.com/security/cve/CVE-2022-48630.html
* https://www.suse.com/security/cve/CVE-2023-28746.html
* https://www.suse.com/security/cve/CVE-2023-35827.html
* https://www.suse.com/security/cve/CVE-2023-52447.html
* https://www.suse.com/security/cve/CVE-2023-52450.html
* https://www.suse.com/security/cve/CVE-2023-52454.html
* https://www.suse.com/security/cve/CVE-2023-52469.html
* https://www.suse.com/security/cve/CVE-2023-52470.html
* https://www.suse.com/security/cve/CVE-2023-52474.html
* https://www.suse.com/security/cve/CVE-2023-52477.html
* https://www.suse.com/security/cve/CVE-2023-52492.html
* https://www.suse.com/security/cve/CVE-2023-52497.html
* https://www.suse.com/security/cve/CVE-2023-52501.html
* https://www.suse.com/security/cve/CVE-2023-52502.html
* https://www.suse.com/security/cve/CVE-2023-52504.html
* https://www.suse.com/security/cve/CVE-2023-52507.html
* https://www.suse.com/security/cve/CVE-2023-52508.html
* https://www.suse.com/security/cve/CVE-2023-52509.html
* https://www.suse.com/security/cve/CVE-2023-52510.html
* https://www.suse.com/security/cve/CVE-2023-52511.html
* https://www.suse.com/security/cve/CVE-2023-52513.html
* https://www.suse.com/security/cve/CVE-2023-52515.html
* https://www.suse.com/security/cve/CVE-2023-52517.html
* https://www.suse.com/security/cve/CVE-2023-52519.html
* https://www.suse.com/security/cve/CVE-2023-52520.html
* https://www.suse.com/security/cve/CVE-2023-52523.html
* https://www.suse.com/security/cve/CVE-2023-52524.html
* https://www.suse.com/security/cve/CVE-2023-52525.html
* https://www.suse.com/security/cve/CVE-2023-52528.html
* https://www.suse.com/security/cve/CVE-2023-52529.html
* https://www.suse.com/security/cve/CVE-2023-52532.html
* https://www.suse.com/security/cve/CVE-2023-52564.html
* https://www.suse.com/security/cve/CVE-2023-52566.html
* https://www.suse.com/security/cve/CVE-2023-52567.html
* https://www.suse.com/security/cve/CVE-2023-52569.html
* https://www.suse.com/security/cve/CVE-2023-52574.html
* https://www.suse.com/security/cve/CVE-2023-52575.html
* https://www.suse.com/security/cve/CVE-2023-52576.html
* https://www.suse.com/security/cve/CVE-2023-52582.html
* https://www.suse.com/security/cve/CVE-2023-52583.html
* https://www.suse.com/security/cve/CVE-2023-52597.html
* https://www.suse.com/security/cve/CVE-2023-52605.html
* https://www.suse.com/security/cve/CVE-2023-52621.html
* https://www.suse.com/security/cve/CVE-2023-6356.html
* https://www.suse.com/security/cve/CVE-2023-6535.html
* https://www.suse.com/security/cve/CVE-2023-6536.html
* https://www.suse.com/security/cve/CVE-2024-25742.html
* https://www.suse.com/security/cve/CVE-2024-26600.html
* https://bugzilla.suse.com/show_bug.cgi?id=1200599
* https://bugzilla.suse.com/show_bug.cgi?id=1209635
* https://bugzilla.suse.com/show_bug.cgi?id=1212514
* https://bugzilla.suse.com/show_bug.cgi?id=1213456
* https://bugzilla.suse.com/show_bug.cgi?id=1217987
* https://bugzilla.suse.com/show_bug.cgi?id=1217988
* https://bugzilla.suse.com/show_bug.cgi?id=1217989
* https://bugzilla.suse.com/show_bug.cgi?id=1220237
* https://bugzilla.suse.com/show_bug.cgi?id=1220251
* https://bugzilla.suse.com/show_bug.cgi?id=1220320
* https://bugzilla.suse.com/show_bug.cgi?id=1220340
* https://bugzilla.suse.com/show_bug.cgi?id=1220366
* https://bugzilla.suse.com/show_bug.cgi?id=1220411
* https://bugzilla.suse.com/show_bug.cgi?id=1220413
* https://bugzilla.suse.com/show_bug.cgi?id=1220439
* https://bugzilla.suse.com/show_bug.cgi?id=1220443
* https://bugzilla.suse.com/show_bug.cgi?id=1220445
* https://bugzilla.suse.com/show_bug.cgi?id=1220466
* https://bugzilla.suse.com/show_bug.cgi?id=1220478
* https://bugzilla.suse.com/show_bug.cgi?id=1220482
* https://bugzilla.suse.com/show_bug.cgi?id=1220484
* https://bugzilla.suse.com/show_bug.cgi?id=1220486
* https://bugzilla.suse.com/show_bug.cgi?id=1220487
* https://bugzilla.suse.com/show_bug.cgi?id=1220790
* https://bugzilla.suse.com/show_bug.cgi?id=1220831
* https://bugzilla.suse.com/show_bug.cgi?id=1220833
* https://bugzilla.suse.com/show_bug.cgi?id=1220836
* https://bugzilla.suse.com/show_bug.cgi?id=1220839
* https://bugzilla.suse.com/show_bug.cgi?id=1220840
* https://bugzilla.suse.com/show_bug.cgi?id=1220843
* https://bugzilla.suse.com/show_bug.cgi?id=1220870
* https://bugzilla.suse.com/show_bug.cgi?id=1220871
* https://bugzilla.suse.com/show_bug.cgi?id=1220872
* https://bugzilla.suse.com/show_bug.cgi?id=1220878
* https://bugzilla.suse.com/show_bug.cgi?id=1220879
* https://bugzilla.suse.com/show_bug.cgi?id=1220885
* https://bugzilla.suse.com/show_bug.cgi?id=1220898
* https://bugzilla.suse.com/show_bug.cgi?id=1220918
* https://bugzilla.suse.com/show_bug.cgi?id=1220920
* https://bugzilla.suse.com/show_bug.cgi?id=1220921
* https://bugzilla.suse.com/show_bug.cgi?id=1220926
* https://bugzilla.suse.com/show_bug.cgi?id=1220927
* https://bugzilla.suse.com/show_bug.cgi?id=1220929
* https://bugzilla.suse.com/show_bug.cgi?id=1220932
* https://bugzilla.suse.com/show_bug.cgi?id=1220938
* https://bugzilla.suse.com/show_bug.cgi?id=1220940
* https://bugzilla.suse.com/show_bug.cgi?id=1220954
* https://bugzilla.suse.com/show_bug.cgi?id=1220955
* https://bugzilla.suse.com/show_bug.cgi?id=1220959
* https://bugzilla.suse.com/show_bug.cgi?id=1220960
* https://bugzilla.suse.com/show_bug.cgi?id=1220961
* https://bugzilla.suse.com/show_bug.cgi?id=1220965
* https://bugzilla.suse.com/show_bug.cgi?id=1220969
* https://bugzilla.suse.com/show_bug.cgi?id=1220978
* https://bugzilla.suse.com/show_bug.cgi?id=1220979
* https://bugzilla.suse.com/show_bug.cgi?id=1220981
* https://bugzilla.suse.com/show_bug.cgi?id=1220982
* https://bugzilla.suse.com/show_bug.cgi?id=1220983
* https://bugzilla.suse.com/show_bug.cgi?id=1220985
* https://bugzilla.suse.com/show_bug.cgi?id=1220986
* https://bugzilla.suse.com/show_bug.cgi?id=1220987
* https://bugzilla.suse.com/show_bug.cgi?id=1220989
* https://bugzilla.suse.com/show_bug.cgi?id=1220990
* https://bugzilla.suse.com/show_bug.cgi?id=1221009
* https://bugzilla.suse.com/show_bug.cgi?id=1221012
* https://bugzilla.suse.com/show_bug.cgi?id=1221015
* https://bugzilla.suse.com/show_bug.cgi?id=1221022
* https://bugzilla.suse.com/show_bug.cgi?id=1221039
* https://bugzilla.suse.com/show_bug.cgi?id=1221040
* https://bugzilla.suse.com/show_bug.cgi?id=1221048
* https://bugzilla.suse.com/show_bug.cgi?id=1221055
* https://bugzilla.suse.com/show_bug.cgi?id=1221058
* https://bugzilla.suse.com/show_bug.cgi?id=1221077
* https://bugzilla.suse.com/show_bug.cgi?id=1221276
* https://bugzilla.suse.com/show_bug.cgi?id=1221551
* https://bugzilla.suse.com/show_bug.cgi?id=1221553
* https://bugzilla.suse.com/show_bug.cgi?id=1221725
* https://bugzilla.suse.com/show_bug.cgi?id=1222073
* https://bugzilla.suse.com/show_bug.cgi?id=1222619
* https://jira.suse.com/browse/PED-5759



SUSE-SU-2024:1322-1: important: Security update for the Linux Kernel


# Security update for the Linux Kernel

Announcement ID: SUSE-SU-2024:1322-1
Rating: important
References:

* bsc#1194869
* bsc#1200465
* bsc#1205316
* bsc#1207948
* bsc#1209635
* bsc#1209657
* bsc#1212514
* bsc#1213456
* bsc#1214852
* bsc#1215221
* bsc#1215322
* bsc#1217339
* bsc#1217959
* bsc#1217987
* bsc#1217988
* bsc#1217989
* bsc#1218321
* bsc#1218336
* bsc#1218479
* bsc#1218562
* bsc#1218643
* bsc#1218777
* bsc#1219169
* bsc#1219170
* bsc#1219264
* bsc#1219834
* bsc#1220114
* bsc#1220176
* bsc#1220237
* bsc#1220251
* bsc#1220320
* bsc#1220325
* bsc#1220328
* bsc#1220337
* bsc#1220340
* bsc#1220365
* bsc#1220366
* bsc#1220398
* bsc#1220411
* bsc#1220413
* bsc#1220433
* bsc#1220439
* bsc#1220443
* bsc#1220445
* bsc#1220466
* bsc#1220469
* bsc#1220478
* bsc#1220482
* bsc#1220484
* bsc#1220486
* bsc#1220487
* bsc#1220492
* bsc#1220703
* bsc#1220735
* bsc#1220736
* bsc#1220775
* bsc#1220790
* bsc#1220797
* bsc#1220831
* bsc#1220833
* bsc#1220836
* bsc#1220839
* bsc#1220840
* bsc#1220843
* bsc#1220845
* bsc#1220848
* bsc#1220870
* bsc#1220871
* bsc#1220872
* bsc#1220878
* bsc#1220879
* bsc#1220883
* bsc#1220885
* bsc#1220887
* bsc#1220898
* bsc#1220917
* bsc#1220918
* bsc#1220920
* bsc#1220921
* bsc#1220926
* bsc#1220927
* bsc#1220929
* bsc#1220930
* bsc#1220931
* bsc#1220932
* bsc#1220933
* bsc#1220937
* bsc#1220938
* bsc#1220940
* bsc#1220954
* bsc#1220955
* bsc#1220959
* bsc#1220960
* bsc#1220961
* bsc#1220965
* bsc#1220969
* bsc#1220978
* bsc#1220979
* bsc#1220981
* bsc#1220982
* bsc#1220983
* bsc#1220985
* bsc#1220986
* bsc#1220987
* bsc#1220989
* bsc#1220990
* bsc#1221009
* bsc#1221012
* bsc#1221015
* bsc#1221022
* bsc#1221039
* bsc#1221040
* bsc#1221044
* bsc#1221045
* bsc#1221046
* bsc#1221048
* bsc#1221055
* bsc#1221056
* bsc#1221058
* bsc#1221060
* bsc#1221061
* bsc#1221062
* bsc#1221066
* bsc#1221067
* bsc#1221068
* bsc#1221069
* bsc#1221070
* bsc#1221071
* bsc#1221077
* bsc#1221082
* bsc#1221090
* bsc#1221097
* bsc#1221156
* bsc#1221252
* bsc#1221273
* bsc#1221274
* bsc#1221276
* bsc#1221277
* bsc#1221291
* bsc#1221293
* bsc#1221298
* bsc#1221337
* bsc#1221338
* bsc#1221375
* bsc#1221379
* bsc#1221551
* bsc#1221553
* bsc#1221613
* bsc#1221614
* bsc#1221616
* bsc#1221618
* bsc#1221631
* bsc#1221633
* bsc#1221713
* bsc#1221725
* bsc#1221777
* bsc#1221814
* bsc#1221816
* bsc#1221830
* bsc#1221951
* bsc#1222033
* bsc#1222056
* bsc#1222060
* bsc#1222070
* bsc#1222073
* bsc#1222117
* bsc#1222274
* bsc#1222291
* bsc#1222300
* bsc#1222304
* bsc#1222317
* bsc#1222331
* bsc#1222355
* bsc#1222356
* bsc#1222360
* bsc#1222366
* bsc#1222373
* bsc#1222619
* jsc#PED-5759
* jsc#PED-7167
* jsc#PED-7618
* jsc#PED-7619

Cross-References:

* CVE-2021-46925
* CVE-2021-46926
* CVE-2021-46927
* CVE-2021-46929
* CVE-2021-46930
* CVE-2021-46931
* CVE-2021-46933
* CVE-2021-46934
* CVE-2021-46936
* CVE-2021-47082
* CVE-2021-47083
* CVE-2021-47087
* CVE-2021-47091
* CVE-2021-47093
* CVE-2021-47094
* CVE-2021-47095
* CVE-2021-47096
* CVE-2021-47097
* CVE-2021-47098
* CVE-2021-47099
* CVE-2021-47100
* CVE-2021-47101
* CVE-2021-47102
* CVE-2021-47104
* CVE-2021-47105
* CVE-2021-47107
* CVE-2021-47108
* CVE-2022-4744
* CVE-2022-48626
* CVE-2022-48627
* CVE-2022-48628
* CVE-2022-48629
* CVE-2022-48630
* CVE-2023-0160
* CVE-2023-28746
* CVE-2023-35827
* CVE-2023-4881
* CVE-2023-52447
* CVE-2023-52450
* CVE-2023-52453
* CVE-2023-52454
* CVE-2023-52462
* CVE-2023-52463
* CVE-2023-52467
* CVE-2023-52469
* CVE-2023-52470
* CVE-2023-52474
* CVE-2023-52476
* CVE-2023-52477
* CVE-2023-52481
* CVE-2023-52482
* CVE-2023-52484
* CVE-2023-52486
* CVE-2023-52492
* CVE-2023-52493
* CVE-2023-52494
* CVE-2023-52497
* CVE-2023-52500
* CVE-2023-52501
* CVE-2023-52502
* CVE-2023-52504
* CVE-2023-52507
* CVE-2023-52508
* CVE-2023-52509
* CVE-2023-52510
* CVE-2023-52511
* CVE-2023-52513
* CVE-2023-52515
* CVE-2023-52517
* CVE-2023-52518
* CVE-2023-52519
* CVE-2023-52520
* CVE-2023-52523
* CVE-2023-52524
* CVE-2023-52525
* CVE-2023-52528
* CVE-2023-52529
* CVE-2023-52530
* CVE-2023-52531
* CVE-2023-52532
* CVE-2023-52559
* CVE-2023-52563
* CVE-2023-52564
* CVE-2023-52566
* CVE-2023-52567
* CVE-2023-52569
* CVE-2023-52574
* CVE-2023-52575
* CVE-2023-52576
* CVE-2023-52582
* CVE-2023-52583
* CVE-2023-52587
* CVE-2023-52591
* CVE-2023-52594
* CVE-2023-52595
* CVE-2023-52597
* CVE-2023-52598
* CVE-2023-52599
* CVE-2023-52600
* CVE-2023-52601
* CVE-2023-52602
* CVE-2023-52603
* CVE-2023-52604
* CVE-2023-52605
* CVE-2023-52606
* CVE-2023-52607
* CVE-2023-52608
* CVE-2023-52612
* CVE-2023-52615
* CVE-2023-52617
* CVE-2023-52619
* CVE-2023-52621
* CVE-2023-52623
* CVE-2023-52628
* CVE-2023-52632
* CVE-2023-52637
* CVE-2023-52639
* CVE-2023-6270
* CVE-2023-6356
* CVE-2023-6535
* CVE-2023-6536
* CVE-2023-7042
* CVE-2023-7192
* CVE-2024-0841
* CVE-2024-2201
* CVE-2024-22099
* CVE-2024-23307
* CVE-2024-25739
* CVE-2024-25742
* CVE-2024-26599
* CVE-2024-26600
* CVE-2024-26602
* CVE-2024-26607
* CVE-2024-26612
* CVE-2024-26614
* CVE-2024-26620
* CVE-2024-26627
* CVE-2024-26629
* CVE-2024-26642
* CVE-2024-26645
* CVE-2024-26646
* CVE-2024-26651
* CVE-2024-26654
* CVE-2024-26659
* CVE-2024-26664
* CVE-2024-26667
* CVE-2024-26670
* CVE-2024-26695
* CVE-2024-26717

CVSS scores:

* CVE-2021-46925 ( SUSE ): 5.3 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-46925 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-46926 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-46927 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-46927 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-46929 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
* CVE-2021-46929 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-46930 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
* CVE-2021-46930 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-46931 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-46931 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-46933 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
* CVE-2021-46933 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-46934 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
* CVE-2021-46934 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
* CVE-2021-46936 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-46936 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2021-47082 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47083 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L
* CVE-2021-47087 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
* CVE-2021-47093 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H
* CVE-2021-47094 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2021-47095 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47096 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
* CVE-2021-47097 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2021-47099 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47100 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47101 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
* CVE-2021-47102 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47104 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2021-47105 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2021-47107 ( SUSE ): 6.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
* CVE-2021-47108 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-4744 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-4744 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48626 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
* CVE-2022-48627 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
* CVE-2022-48628 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L
* CVE-2022-48629 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2022-48630 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-0160 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-0160 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-28746 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
* CVE-2023-35827 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-4881 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L
* CVE-2023-4881 ( NVD ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
* CVE-2023-52447 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-52447 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-52450 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52450 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52454 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52462 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
* CVE-2023-52463 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52467 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52469 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
* CVE-2023-52470 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52474 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
* CVE-2023-52476 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52477 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52482 ( SUSE ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
* CVE-2023-52484 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52486 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52492 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52493 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52494 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52497 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
* CVE-2023-52500 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
* CVE-2023-52501 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2023-52502 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-52504 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52507 ( SUSE ): 5.7 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2023-52508 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52509 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-52510 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-52511 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52513 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52515 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52517 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52518 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52519 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52520 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52523 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52524 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52525 ( SUSE ): 3.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
* CVE-2023-52528 ( SUSE ): 3.5 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
* CVE-2023-52529 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52530 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52531 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52532 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52559 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52563 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52564 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52566 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52567 ( SUSE ): 2.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L
* CVE-2023-52569 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52574 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52575 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52576 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52582 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52583 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52587 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52591 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2023-52594 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52595 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52597 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:H
* CVE-2023-52598 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52603 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52605 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52606 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52607 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52608 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52612 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H
* CVE-2023-52615 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52617 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52619 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52621 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52623 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52628 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-52632 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52637 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52639 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-6270 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-6270 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-6356 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-6356 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-6535 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-6535 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-6536 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-6536 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-7042 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-7042 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-7192 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-7192 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-0841 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-0841 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-2201 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
* CVE-2024-22099 ( SUSE ): 5.3 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-22099 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-23307 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-23307 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-25739 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-25739 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-25742 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26599 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
* CVE-2024-26600 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26602 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2024-26607 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26612 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26614 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26627 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26629 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2024-26642 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26645 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26646 ( SUSE ): 4.9 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
* CVE-2024-26651 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26654 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26659 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26664 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26667 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26670 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26695 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26717 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* openSUSE Leap 15.5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Live Patching 15-SP5
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Real Time Module 15-SP5

An update that solves 149 vulnerabilities, contains four features and has 29
security fixes can now be installed.

## Description:

The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various
security bugfixes.

The following security bugs were fixed:

* CVE-2021-46925: Fixed kernel panic caused by race of smc_sock (bsc#1220466).
* CVE-2021-46926: Fixed bug when detecting controllers in ALSA/hda/intel-sdw-
acpi (bsc#1220478).
* CVE-2021-46927: Fixed assertion bug in nitro_enclaves: Use
get_user_pages_unlocked() (bsc#1220443).
* CVE-2021-46929: Fixed use-after-free issue in sctp_sock_dump()
(bsc#1220482).
* CVE-2021-46930: Fixed usb/mtu3 list_head check warning (bsc#1220484).
* CVE-2021-46931: Fixed wrong type casting in mlx5e_tx_reporter_dump_sq()
(bsc#1220486).
* CVE-2021-46933: Fixed possible underflow in ffs_data_clear() (bsc#1220487).
* CVE-2021-46934: Fixed a bug by validating user data in compat ioctl
(bsc#1220469).
* CVE-2021-46936: Fixed use-after-free in tw_timer_handler() (bsc#1220439).
* CVE-2021-47082: Fixed ouble free in tun_free_netdev() (bsc#1220969).
* CVE-2021-47083: Fixed a global-out-of-bounds issue in mediatek:
(bsc#1220917).
* CVE-2021-47087: Fixed incorrect page free bug in tee/optee (bsc#1220954).
* CVE-2021-47091: Fixed locking in ieee80211_start_ap()) error path
(bsc#1220959).
* CVE-2021-47093: Fixed memleak on registration failure in intel_pmc_core
(bsc#1220978).
* CVE-2021-47094: Fixed possible memory leak in KVM x86/mmu (bsc#1221551).
* CVE-2021-47095: Fixed missing initialization in ipmi/ssif (bsc#1220979).
* CVE-2021-47096: Fixed uninitalized user_pversion in ALSA rawmidi
(bsc#1220981).
* CVE-2021-47097: Fixed stack out of bound access in
elantech_change_report_id() (bsc#1220982).
* CVE-2021-47098: Fixed integer overflow/underflow in hysteresis calculations
hwmon: (lm90) (bsc#1220983).
* CVE-2021-47099: Fixed BUG_ON assertion in veth when skb entering GRO are
cloned (bsc#1220955).
* CVE-2021-47100: Fixed UAF when uninstall in ipmi (bsc#1220985).
* CVE-2021-47101: Fixed uninit-value in asix_mdio_read() (bsc#1220987).
* CVE-2021-47102: Fixed incorrect structure access In line: upper =
info->upper_dev in net/marvell/prestera (bsc#1221009).
* CVE-2021-47104: Fixed memory leak in qib_user_sdma_queue_pkts()
(bsc#1220960).
* CVE-2021-47105: Fixed potential memory leak in ice/xsk (bsc#1220961).
* CVE-2021-47107: Fixed READDIR buffer overflow in NFSD (bsc#1220965).
* CVE-2021-47108: Fixed possible NULL pointer dereference for mtk_hdmi_conf in
drm/mediatek (bsc#1220986).
* CVE-2022-4744: Fixed double-free that could lead to DoS or privilege
escalation in TUN/TAP device driver functionality (bsc#1209635).
* CVE-2022-48626: Fixed a potential use-after-free on remove path moxart
(bsc#1220366).
* CVE-2022-48627: Fixed a memory overlapping when deleting chars in the buffer
(bsc#1220845).
* CVE-2022-48628: Fixed possible lock in ceph (bsc#1220848).
* CVE-2022-48629: Fixed possible memory leak in qcom-rng (bsc#1220989).
* CVE-2022-48630: Fixed infinite loop on requests not multiple of WORD_SZ in
crypto: qcom-rng (bsc#1220990).
* CVE-2023-0160: Fixed deadlock flaw in BPF that could allow a local user to
potentially crash the system (bsc#1209657).
* CVE-2023-28746: Fixed Register File Data Sampling (bsc#1213456).
* CVE-2023-35827: Fixed a use-after-free issue in ravb_tx_timeout_work()
(bsc#1212514).
* CVE-2023-4881: Fixed a out-of-bounds write flaw in the netfilter subsystem
that could lead to potential information disclosure or a denial of service
(bsc#1215221).
* CVE-2023-52447: Fixed map_fd_put_ptr() signature kABI workaround
(bsc#1220251).
* CVE-2023-52450: Fixed NULL pointer dereference issue in upi_fill_topology()
(bsc#1220237).
* CVE-2023-52453: Fixed data corruption in hisi_acc_vfio_pci (bsc#1220337).
* CVE-2023-52454: Fixed a kernel panic when host sends an invalid H2C PDU
length (bsc#1220320).
* CVE-2023-52462: Fixed check for attempt to corrupt spilled pointer
(bsc#1220325).
* CVE-2023-52463: Fixed null pointer dereference in efivarfs (bsc#1220328).
* CVE-2023-52467: Fixed a null pointer dereference in of_syscon_register
(bsc#1220433).
* CVE-2023-52469: Fixed a use-after-free in kv_parse_power_table
(bsc#1220411).
* CVE-2023-52470: Fixed null-ptr-deref in radeon_crtc_init() (bsc#1220413).
* CVE-2023-52474: Fixed a vulnerability with non-PAGE_SIZE-end multi-iovec
user SDMA requests (bsc#1220445).
* CVE-2023-52476: Fixed possible unhandled page fault via perf sampling NMI
during vsyscall (bsc#1220703).
* CVE-2023-52477: Fixed USB Hub accesses to uninitialized BOS descriptors
(bsc#1220790).
* CVE-2023-52481: Fixed speculative unprivileged load in Cortex-A520
(bsc#1220887).
* CVE-2023-52482: Fixed a bug by adding SRSO mitigation for Hygon processors
(bsc#1220735).
* CVE-2023-52484: Fixed a soft lockup triggered by
arm_smmu_mm_invalidate_range (bsc#1220797).
* CVE-2023-52486: Fixed possible use-after-free in drm (bsc#1221277).
* CVE-2023-52492: Fixed a null-pointer-dereference in channel unregistration
function __dma_async_device_channel_register() (bsc#1221276).
* CVE-2023-52493: Fixed possible soft lockup in bus/mhi/host (bsc#1221274).
* CVE-2023-52494: Fixed missing alignment check for event ring read pointer in
bus/mhi/host (bsc#1221273).
* CVE-2023-52497: Fixed data corruption in erofs (bsc#1220879).
* CVE-2023-52500: Fixed information leaking when processing
OPC_INB_SET_CONTROLLER_CONFIG command (bsc#1220883).
* CVE-2023-52501: Fixed possible memory corruption in ring-buffer
(bsc#1220885).
* CVE-2023-52502: Fixed a race condition in nfc_llcp_sock_get() and
nfc_llcp_sock_get_sn() (bsc#1220831).
* CVE-2023-52504: Fixed possible out-of bounds in apply_alternatives() on a
5-level paging machine (bsc#1221553).
* CVE-2023-52507: Fixed possible shift-out-of-bounds in nfc/nci (bsc#1220833).
* CVE-2023-52508: Fixed null pointer dereference in nvme_fc_io_getuuid()
(bsc#1221015).
* CVE-2023-52509: Fixed a use-after-free issue in ravb_tx_timeout_work()
(bsc#1220836).
* CVE-2023-52510: Fixed a potential UAF in ca8210_probe() (bsc#1220898).
* CVE-2023-52511: Fixed possible memory corruption in spi/sun6i (bsc#1221012).
* CVE-2023-52513: Fixed connection failure handling in RDMA/siw (bsc#1221022).
* CVE-2023-52515: Fixed possible use-after-free in RDMA/srp (bsc#1221048).
* CVE-2023-52517: Fixed race between DMA RX transfer completion and RX FIFO
drain in spi/sun6i (bsc#1221055).
* CVE-2023-52518: Fixed information leak in bluetooth/hci_codec (bsc#1221056).
* CVE-2023-52519: Fixed possible overflow in HID/intel-ish-hid/ipc
(bsc#1220920).
* CVE-2023-52520: Fixed reference leak in platform/x86/think-lmi
(bsc#1220921).
* CVE-2023-52523: Fixed wrong redirects to non-TCP sockets in bpf
(bsc#1220926).
* CVE-2023-52524: Fixed possible corruption in nfc/llcp (bsc#1220927).
* CVE-2023-52525: Fixed out of bounds check mwifiex_process_rx_packet()
(bsc#1220840).
* CVE-2023-52528: Fixed uninit-value access in __smsc75xx_read_reg()
(bsc#1220843).
* CVE-2023-52529: Fixed a potential memory leak in sony_probe() (bsc#1220929).
* CVE-2023-52530: Fixed a potential key use-after-free in wifi mac80211
(bsc#1220930).
* CVE-2023-52531: Fixed a memory corruption issue in iwlwifi (bsc#1220931).
* CVE-2023-52532: Fixed a bug in TX CQE error handling (bsc#1220932).
* CVE-2023-52559: Fixed a bug by avoiding memory allocation in iommu_suspend
(bsc#1220933).
* CVE-2023-52563: Fixed memory leak on ->hpd_notify callback() in drm/meson
(bsc#1220937).
* CVE-2023-52564: Reverted invalid fix for UAF in gsm_cleanup_mux()
(bsc#1220938).
* CVE-2023-52566: Fixed potential use after free in
nilfs_gccache_submit_read_data() (bsc#1220940).
* CVE-2023-52567: Fixed possible Oops in serial/8250_port: when using IRQ
polling (irq = 0) (bsc#1220839).
* CVE-2023-52569: Fixed a bug in btrfs by remoning BUG() after failure to
insert delayed dir index item (bsc#1220918).
* CVE-2023-52574: Fixed a bug by hiding new member header_ops (bsc#1220870).
* CVE-2023-52575: Fixed SBPB enablement for spec_rstack_overflow=off
(bsc#1220871).
* CVE-2023-52576: Fixed potential use after free in memblock_isolate_range()
(bsc#1220872).
* CVE-2023-52582: Fixed possible oops in netfs (bsc#1220878).
* CVE-2023-52583: Fixed deadlock or deadcode of misusing dget() inside ceph
(bsc#1221058).
* CVE-2023-52587: Fixed mcast list locking in IB/ipoib (bsc#1221082).
* CVE-2023-52591: Fixed a possible reiserfs filesystem corruption via
directory renaming (bsc#1221044).
* CVE-2023-52594: Fixed potential array-index-out-of-bounds read in
ath9k_htc_txstatus() (bsc#1221045).
* CVE-2023-52595: Fixed possible deadlock in wifi/rt2x00 (bsc#1221046).
* CVE-2023-52597: Fixed a setting of fpc register in KVM (bsc#1221040).
* CVE-2023-52598: Fixed wrong setting of fpc register in s390/ptrace
(bsc#1221060).
* CVE-2023-52599: Fixed array-index-out-of-bounds in diNewExt() in jfs
(bsc#1221062).
* CVE-2023-52600: Fixed uaf in jfs_evict_inode() (bsc#1221071).
* CVE-2023-52601: Fixed array-index-out-of-bounds in dbAdjTree() in jfs
(bsc#1221068).
* CVE-2023-52602: Fixed slab-out-of-bounds Read in dtSearch() in jfs
(bsc#1221070).
* CVE-2023-52603: Fixed array-index-out-of-bounds in dtSplitRoot()
(bsc#1221066).
* CVE-2023-52604: Fixed array-index-out-of-bounds in dbAdjTree()
(bsc#1221067).
* CVE-2023-52605: Fixed a NULL pointer dereference check (bsc#1221039)
* CVE-2023-52606: Fixed possible kernel stack corruption in powerpc/lib
(bsc#1221069).
* CVE-2023-52607: Fixed a null-pointer-dereference in pgtable_cache_add
kasprintf() (bsc#1221061).
* CVE-2023-52608: Fixed possible race condition in firmware/arm_scmi
(bsc#1221375).
* CVE-2023-52612: Fixed req->dst buffer overflow in crypto/scomp
(bsc#1221616).
* CVE-2023-52615: Fixed page fault dead lock on mmap-ed hwrng (bsc#1221614).
* CVE-2023-52617: Fixed stdev_release() crash after surprise hot remove
(bsc#1221613).
* CVE-2023-52619: Fixed possible crash when setting number of cpus to an odd
number in pstore/ram (bsc#1221618).
* CVE-2023-52621: Fixed missing asserion in bpf (bsc#1222073).
* CVE-2023-52623: Fixed suspicious RCU usage in SUNRPC (bsc#1222060).
* CVE-2023-52628: Fixed 4-byte stack OOB write in nftables (bsc#1222117).
* CVE-2023-52632: Fixed lock dependency warning with srcu in drm/amdkfd
(bsc#1222274).
* CVE-2023-52637: Fixed UAF in j1939_sk_match_filter() in can/k1939
(bsc#1222291).
* CVE-2023-52639: Fixed race during shadow creation in KVM/s390/vsie Fixed
(bsc#1222300).
* CVE-2023-6270: Fixed a use-after-free issue in aoecmd_cfg_pkts
(bsc#1218562).
* CVE-2023-6356: Fixed a NULL pointer dereference in nvmet_tcp_build_pdu_iovec
(bsc#1217987).
* CVE-2023-6535: Fixed a NULL pointer dereference in nvmet_tcp_execute_request
(bsc#1217988).
* CVE-2023-6536: Fixed a NULL pointer dereference in __nvmet_req_complete
(bsc#1217989).
* CVE-2023-7042: Fixed a null-pointer-dereference in
ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() (bsc#1218336).
* CVE-2023-7192: Fixed a memory leak problem in ctnetlink_create_conntrack in
net/netfilter/nf_conntrack_netlink.c (bsc#1218479).
* CVE-2024-0841: Fixed a null pointer dereference in the hugetlbfs_fill_super
function in hugetlbfs (HugeTLB pages) functionality (bsc#1219264).
* CVE-2024-2201: Fixed information leak in x86/BHI (bsc#1217339).
* CVE-2024-22099: Fixed a null-pointer-dereference in rfcomm_check_security
(bsc#1219170).
* CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86
and ARM md, raid, raid5 modules (bsc#1219169).
* CVE-2024-25739: Fixed possible crash in create_empty_lvol() in
drivers/mtd/ubi/vtbl.c (bsc#1219834).
* CVE-2024-25742: Fixed insufficient validation during #VC instruction
emulation in x86/sev (bsc#1221725).
* CVE-2024-26599: Fixed out-of-bounds access in of_pwm_single_xlate()
(bsc#1220365).
* CVE-2024-26600: Fixed NULL pointer dereference for SRP in phy-omap-usb2
(bsc#1220340).
* CVE-2024-26602: Fixed overall slowdowns with sys_membarrier (bsc1220398).
* CVE-2024-26607: Fixed a probing race issue in sii902x: (bsc#1220736).
* CVE-2024-26612: Fixed Oops in fscache_put_cache() This function dereferences
(bsc#1221291).
* CVE-2024-26614: Fixed the initialization of accept_queue's spinlocks
(bsc#1221293).
* CVE-2024-26620: Fixed possible device model violation in s390/vfio-ap
(bsc#1221298).
* CVE-2024-26627: Fixed possible hard lockup in scsi (bsc#1221090).
* CVE-2024-26629: Fixed possible protocol violation via RELEASE_LOCKOWNER in
nfsd (bsc#1221379).
* CVE-2024-26642: Fixed the set of anonymous timeout flag in netfilter
nf_tables (bsc#1221830).
* CVE-2024-26645: Fixed missing visibility when inserting an element into
tracing_map (bsc#1222056).
* CVE-2024-26646: Fixed potential memory corruption when resuming from suspend
or hibernation in thermal/intel/hfi (bsc#1222070).
* CVE-2024-26651: Fixed possible oops via malicious devices in sr9800
(bsc#1221337).
* CVE-2024-26654: Fixed use after free in ALSA/sh/aica (bsc#1222304).
* CVE-2024-26659: Fixed wrong handling of isoc Babble and Buffer Overrun
events in xhci (bsc#1222317).
* CVE-2024-26664: Fixed out-of-bounds memory access in create_core_data() in
hwmon coretemp (bsc#1222355).
* CVE-2024-26667: Fixed null pointer reference in
dpu_encoder_helper_phys_cleanup in drm/msm/dpu (bsc#1222331).
* CVE-2024-26670: Fixed ARM64_WORKAROUND_SPECULATIVE_UNPRIV_LOAD workaround in
kernel arm64 (bsc#1222356).
* CVE-2024-26695: Fixed null pointer dereference in
__sev_platform_shutdown_locked in crypto ccp (bsc#1222373).
* CVE-2024-26717: Fixed null pointer dereference on failed power up in HID
i2c-hid-of (bsc#1222360).

The following non-security bugs were fixed:

* acpi: CPPC: enable AMD CPPC V2 support for family 17h processors (git-
fixes).
* acpi: processor_idle: Fix memory leak in acpi_processor_power_exit() (git-
fixes).
* acpi: resource: Add Infinity laptops to irq1_edge_low_force_override
(stable-fixes).
* acpi: resource: Add MAIBENBEN X577 to irq1_edge_low_force_override (git-
fixes).
* acpi: resource: Do IRQ override on Lunnen Ground laptops (stable-fixes).
* acpi: scan: Fix device check notification handling (git-fixes).
* acpica: debugger: check status of acpi_evaluate_object() in
acpi_db_walk_for_fields() (git-fixes).
* alsa: aaci: Delete unused variable in aaci_do_suspend (git-fixes).
* alsa: aoa: avoid false-positive format truncation warning (git-fixes).
* alsa: aw2: avoid casting function pointers (git-fixes).
* alsa: ctxfi: avoid casting function pointers (git-fixes).
* alsa: hda/realtek - ALC285 reduce pop noise from Headphone port (stable-
fixes).
* alsa: hda/realtek - Add Headset Mic supported Acer NB platform (stable-
fixes).
* alsa: hda/realtek - Fix headset Mic no show at resume back for Lenovo ALC897
platform (git-fixes).
* alsa: hda/realtek: Enable Mute LED on HP 840 G8 (MB 8AB8) (git-fixes).
* alsa: hda/realtek: Update Panasonic CF-SZ6 quirk to support headset with
microphone (git-fixes).
* alsa: hda/realtek: fix ALC285 issues on HP Envy x360 laptops (stable-fixes).
* alsa: hda/realtek: fix mute/micmute LED For HP mt440 (git-fixes).
* alsa: hda/realtek: fix mute/micmute LEDs for HP EliteBook (stable-fixes).
* alsa: seq: fix function cast warnings (git-fixes).
* alsa: sh: aica: reorder cleanup operations to avoid UAF bugs (git-fixes).
* alsa: usb-audio: Stop parsing channels bits when all channels are found
(git-fixes).
* arm64: dts: allwinner: h6: Add RX DMA channel for SPDIF (git-fixes)
* arm64: dts: broadcom: bcmbca: bcm4908: drop invalid switch cells (git-fixes)
* arm64: dts: imx8mm-kontron: Add support for ultra high speed modes on (git-
fixes)
* arm64: dts: imx8mm-venice-gw71xx: fix USB OTG VBUS (git-fixes)
* arm64: dts: marvell: reorder crypto interrupts on Armada SoCs (git-fixes)
* arm64: dts: rockchip: add ES8316 codec for ROCK Pi 4 (git-fixes)
* arm64: dts: rockchip: add SPDIF node for ROCK Pi 4 (git-fixes)
* arm64: dts: rockchip: fix regulator name on rk3399-rock-4 (git-fixes)
* arm64: dts: rockchip: set num-cs property for spi on px30 (git-fixes)
* arm64: mm: fix VA-range sanity check (git-fixes)
* arm64: set __exception_irq_entry with __irq_entry as a default (git-fixes)
* asoc: Intel: bytcr_rt5640: Add an extra entry for the Chuwi Vi8 tablet
(stable-fixes).
* asoc: amd: acp: Add missing error handling in sof-mach (git-fixes).
* asoc: amd: acp: fix for acp_init function error handling (git-fixes).
* asoc: madera: Fix typo in madera_set_fll_clks shift value (git-fixes).
* asoc: meson: Use dev_err_probe() helper (stable-fixes).
* asoc: meson: aiu: fix function pointer type mismatch (git-fixes).
* asoc: meson: axg-tdm-interface: add frame rate constraint (git-fixes).
* asoc: meson: axg-tdm-interface: fix mclk setup without mclk-fs (git-fixes).
* asoc: meson: t9015: fix function pointer type mismatch (git-fixes).
* asoc: ops: Fix wraparound for mask in snd_soc_get_volsw (git-fixes).
* asoc: rcar: adg: correct TIMSEL setting for SSI9 (git-fixes).
* asoc: rt5645: Make LattePanda board DMI match more precise (stable-fixes).
* asoc: rt5682-sdw: fix locking sequence (git-fixes).
* asoc: rt711-sdca: fix locking sequence (git-fixes).
* asoc: rt711-sdw: fix locking sequence (git-fixes).
* asoc: wm8962: Enable both SPKOUTR_ENA and SPKOUTL_ENA in mono mode (stable-
fixes).
* asoc: wm8962: Enable oscillator if selecting WM8962_FLL_OSC (stable-fixes).
* asoc: wm8962: Fix up incorrect error message in wm8962_set_fll (stable-
fixes).
* ata: sata_mv: Fix PCI device ID table declaration compilation warning (git-
fixes).
* ata: sata_sx4: fix pdc20621_get_from_dimm() on 64-bit (git-fixes).
* backlight: da9052: Fully initialize backlight_properties during probe (git-
fixes).
* backlight: lm3630a: Do not set bl->props.brightness in get_brightness (git-
fixes).
* backlight: lm3630a: Initialize backlight_properties on init (git-fixes).
* backlight: lm3639: Fully initialize backlight_properties during probe (git-
fixes).
* backlight: lp8788: Fully initialize backlight_properties during probe (git-
fixes).
* blocklayoutdriver: Fix reference leak of pnfs_device_node (git-fixes).
* bluetooth: Remove HCI_POWER_OFF_TIMEOUT (git-fixes).
* bluetooth: Remove superfluous call to hci_conn_check_pending() (git-fixes).
* bluetooth: hci_core: Fix possible buffer overflow (git-fixes).
* bluetooth: mgmt: Remove leftover queuing of power_off work (git-fixes).
* bluetooth: rfcomm: Fix null-ptr-deref in rfcomm_check_security (stable-
fixes).
* bpf, scripts: Correct GPL license name (git-fixes).
* bpf, sockmap: Fix preempt_rt splat when using raw_spin_lock_t (git-fixes).
* can: softing: remove redundant NULL check (git-fixes).
* clk: zynq: Prevent null pointer dereference caused by kmalloc failure (git-
fixes).
* comedi: comedi_test: Prevent timers rescheduling during deletion (git-
fixes).
* coresight: etm4x: Do not access TRCIDR1 for identification (bsc#1220775)
* coresight: etm4x: Fix accesses to TRCSEQRSTEVR and TRCSEQSTR (bsc#1220775)
* coresight: etm: Override TRCIDR3.CCITMIN on errata affected cpus
(bsc#1220775)
* cpufreq: amd-pstate: Fix min_perf assignment in amd_pstate_adjust_perf()
(git-fixes).
* cpufreq: brcmstb-avs-cpufreq: add check for cpufreq_cpu_get's return value
(git-fixes).
* crypto: arm/sha - fix function cast warnings (git-fixes).
* crypto: qat - avoid division by zero (git-fixes).
* crypto: qat - fix deadlock in backlog processing (git-fixes).
* crypto: qat - fix double free during reset (git-fixes).
* crypto: qat - fix state machines cleanup paths (bsc#1218321).
* crypto: qat - fix unregistration of compression algorithms (git-fixes).
* crypto: qat - fix unregistration of crypto algorithms (git-fixes).
* crypto: qat - ignore subsequent state up commands (git-fixes).
* crypto: qat - increase size of buffers (git-fixes).
* crypto: qat - resolve race condition during AER recovery (git-fixes).
* crypto: xilinx - call finalize with bh disabled (git-fixes).
* doc-guide: kernel-doc: tell about object-like macros (git-fixes).
* doc/README.SUSE: Update information about module support status
(jsc#PED-5759)
* drivers: hv: vmbus: Calculate ring buffer size for more efficient use of
memory (git-fixes).
* drm/amd/display: Add FAMS validation before trying to use it (git-fixes).
* drm/amd/display: Add function for validate and update new stream (git-
fixes).
* drm/amd/display: Avoid ABM when ODM combine is enabled for eDP (git-fixes).
* drm/amd/display: Blocking invalid 420 modes on HDMI TMDS for DCN31 (git-
fixes).
* drm/amd/display: Check if link state is valid (git-fixes).
* drm/amd/display: Copy DC context in the commit streams (git-fixes).
* drm/amd/display: Disable PSR-SU on Parade 0803 TCON again (git-fixes).
* drm/amd/display: Enable fast plane updates on DCN3.2 and above (git-fixes).
* drm/amd/display: Enable new commit sequence only for DCN32x (git-fixes).
* drm/amd/display: Exit idle optimizations before attempt to access PHY (git-
fixes).
* drm/amd/display: Expand kernel doc for DC (git-fixes).
* drm/amd/display: Fix a bug when searching for insert_above_mpcc (git-fixes).
* drm/amd/display: Fix a potential buffer overflow in 'dp_dsc_clock_en_read()'
(git-fixes).
* drm/amd/display: Fix possible underflow for displays with large vblank (git-
fixes).
* drm/amd/display: Fix the delta clamping for shaper LUT (git-fixes).
* drm/amd/display: Fix underflow issue on 175hz timing (git-fixes).
* drm/amd/display: For prefetch mode > 0, extend prefetch if possible (git-
fixes).
* drm/amd/display: Guard DCN31 PHYD32CLK logic against chip family (git-
fixes).
* drm/amd/display: Guard against invalid RPTR/WPTR being set (git-fixes).
* drm/amd/display: Handle seamless boot stream (git-fixes).
* drm/amd/display: Handle virtual hardware detect (git-fixes).
* drm/amd/display: Include surface of unaffected streams (git-fixes).
* drm/amd/display: Include udelay when waiting for INBOX0 ACK (git-fixes).
* drm/amd/display: Increase frame warning limit with KASAN or KCSAN in dml
(git-fixes).
* drm/amd/display: Keep PHY active for dp config (git-fixes).
* drm/amd/display: Prevent vtotal from being set to 0 (git-fixes).
* drm/amd/display: Remove min_dst_y_next_start check for Z8 (git-fixes).
* drm/amd/display: Restore rptr/wptr for DMCUB as workaround (git-fixes).
* drm/amd/display: Return the correct HDCP error code (stable-fixes).
* drm/amd/display: Revert vblank change that causes null pointer crash (git-
fixes).
* drm/amd/display: Rework comments on dc file (git-fixes).
* drm/amd/display: Rework context change check (git-fixes).
* drm/amd/display: Set minimum requirement for using PSR-SU on Phoenix (git-
fixes).
* drm/amd/display: Set minimum requirement for using PSR-SU on Rembrandt (git-
fixes).
* drm/amd/display: Update OTG instance in the commit stream (git-fixes).
* drm/amd/display: Update correct DCN314 register header (git-fixes).
* drm/amd/display: Update min Z8 residency time to 2100 for DCN314 (git-
fixes).
* drm/amd/display: Use DRAM speed from validation for dummy p-state (git-
fixes).
* drm/amd/display: Use DTBCLK as refclk instead of DPREFCLK (git-fixes).
* drm/amd/display: Use min transition for all SubVP plane add/remove (git-
fixes).
* drm/amd/display: Write to correct dirty_rect (git-fixes).
* drm/amd/display: Wrong colorimetry workaround (git-fixes).
* drm/amd/display: add FB_DAMAGE_CLIPS support (git-fixes).
* drm/amd/display: add ODM case when looking for first split pipe (git-fixes).
* drm/amd/display: always switch off ODM before committing more streams (git-
fixes).
* drm/amd/display: clean code-style issues in dcn30_set_mpc_shaper_3dlut (git-
fixes).
* drm/amd/display: dc.h: eliminate kernel-doc warnings (git-fixes).
* drm/amd/display: ensure async flips are only accepted for fast updates (git-
fixes).
* drm/amd/display: fix ABM disablement (git-fixes).
* drm/amd/display: fix a NULL pointer dereference in amdgpu_dm_i2c_xfer()
(git-fixes).
* drm/amd/display: fix dc/core/dc.c kernel-doc (git-fixes).
* drm/amd/display: fix hw rotated modes when PSR-SU is enabled (git-fixes).
* drm/amd/display: fix kernel-doc issues in dc.h (git-fixes).
* drm/amd/display: fix unbounded requesting for high pixel rate modes on
dcn315 (git-fixes).
* drm/amd/display: handle range offsets in VRR ranges (stable-fixes).
* drm/amd/display: perform a bounds check before filling dirty rectangles
(git-fixes).
* drm/amd/display: set per pipe dppclk to 0 when dpp is off (git-fixes).
* drm/amd/display: update extended blank for dcn314 onwards (git-fixes).
* drm/amd/display: use low clocks for no plane configs (git-fixes).
* drm/amd/pm: Fix error of MACO flag setting code (git-fixes).
* drm/amd/pm: fix a memleak in aldebaran_tables_init (git-fixes).
* drm/amd/smu: use AverageGfxclkFrequency* to replace previous GFX Curr Clock
(git-fixes).
* drm/amd: Enable PCIe PME from D3 (git-fixes).
* drm/amdgpu/pm: Fix the error of pwm1_enable setting (stable-fixes).
* drm/amdgpu/pm: make gfxclock consistent for sienna cichlid (git-fixes).
* drm/amdgpu/pm: make mclk consistent for smu 13.0.7 (git-fixes).
* drm/amdgpu/smu13: drop compute workload workaround (git-fixes).
* drm/amdgpu: Enable gpu reset for S3 abort cases on Raven series (stable-
fixes).
* drm/amdgpu: Fix missing break in ATOM_ARG_IMM Case of atom_get_src_int()
(git-fixes).
* drm/amdgpu: Force order between a read and write to the same address (git-
fixes).
* drm/amdgpu: Match against exact bootloader status (git-fixes).
* drm/amdgpu: Unset context priority is now invalid (git-fixes).
* drm/amdgpu: Update min() to min_t() in 'amdgpu_info_ioctl' (git-fixes).
* drm/amdgpu: amdgpu_ttm_gart_bind set gtt bound flag (stable-fixes).
* drm/amdgpu: lower CS errors to debug severity (git-fixes).
* drm/amdkfd: fix TLB flush after unmap for GFX9.4.2 (stable-fixes).
* drm/bridge: tc358762: Instruct DSI host to generate HSE packets (git-fixes).
* drm/display: fix typo (git-fixes).
* drm/edid: Add quirk for OSVR HDK 2.0 (git-fixes).
* drm/etnaviv: Restore some id values (git-fixes).
* drm/exynos: do not return negative values from .get_modes() (stable-fixes).
* drm/exynos: fix a possible null-pointer dereference due to data race in
exynos_drm_crtc_atomic_disable() (git-fixes).
* drm/i915/bios: Tolerate devdata==NULL in
intel_bios_encoder_supports_dp_dual_mode() (stable-fixes).
* drm/i915/gt: Do not generate the command streamer for all the CCS (git-
fixes).
* drm/i915/gt: Reset queue_priority_hint on parking (git-fixes).
* drm/i915/gt: Use i915_vm_put on ppgtt_create error paths (git-fixes).
* drm/i915/selftests: Fix dependency of some timeouts on HZ (git-fixes).
* drm/i915: Add missing CCS documentation (git-fixes).
* drm/i915: Call intel_pre_plane_updates() also for pipes getting enabled
(git-fixes).
* drm/i915: Check before removing mm notifier (git-fixes).
* drm/lima: fix a memleak in lima_heap_alloc (git-fixes).
* drm/mediatek: Fix a null pointer crash in mtk_drm_crtc_finish_page_flip
(git-fixes).
* drm/mediatek: dsi: Fix DSI RGB666 formats and definitions (git-fixes).
* drm/msm/dpu: Only enable DSC_MODE_MULTIPLEX if dsc_merge is enabled (git-
fixes).
* drm/msm/dpu: add division of drm_display_mode's hskew parameter (git-fixes).
* drm/msm/dpu: fix the programming of INTF_CFG2_DATA_HCTL_EN (git-fixes).
* drm/msm/dpu: improve DSC allocation (git-fixes).
* drm/panel-edp: use put_sync in unprepare (git-fixes).
* drm/panel: Move AUX B116XW03 out of panel-edp back to panel-simple (git-
fixes).
* drm/panel: auo,b101uan08.3: Fine tune the panel power sequence (git-fixes).
* drm/panel: boe-tv101wum-nl6: Fine tune the panel power sequence (git-fixes).
* drm/panel: do not return negative error codes from drm_panel_get_modes()
(stable-fixes).
* drm/panfrost: fix power transition timeout warnings (git-fixes).
* drm/probe-helper: warn about negative .get_modes() (stable-fixes).
* drm/qxl: remove unused `count` variable from `qxl_surface_id_alloc()` (git-
fixes).
* drm/qxl: remove unused variable from `qxl_process_single_command()` (git-
fixes).
* drm/radeon/ni: Fix wrong firmware size logging in ni_init_microcode() (git-
fixes).
* drm/radeon/ni_dpm: remove redundant NULL check (git-fixes).
* drm/radeon: remove dead code in ni_mc_load_microcode() (git-fixes).
* drm/rockchip: dsi: Clean up 'usage_mode' when failing to attach (git-fixes).
* drm/rockchip: inno_hdmi: Fix video timing (git-fixes).
* drm/rockchip: lvds: do not overwrite error code (git-fixes).
* drm/rockchip: lvds: do not print scary message when probing defer (git-
fixes).
* drm/tegra: dpaux: Fix PM disable depth imbalance in tegra_dpaux_probe (git-
fixes).
* drm/tegra: dsi: Add missing check for of_find_device_by_node (git-fixes).
* drm/tegra: dsi: Fix missing pm_runtime_disable() in the error handling path
of tegra_dsi_probe() (git-fixes).
* drm/tegra: dsi: Fix some error handling paths in tegra_dsi_probe() (git-
fixes).
* drm/tegra: dsi: Make use of the helper function dev_err_probe() (stable-
fixes).
* drm/tegra: hdmi: Convert to devm_platform_ioremap_resource() (stable-fixes).
* drm/tegra: hdmi: Fix some error handling paths in tegra_hdmi_probe() (git-
fixes).
* drm/tegra: output: Fix missing i2c_put_adapter() in the error handling paths
of tegra_output_probe() (git-fixes).
* drm/tegra: put drm_gem_object ref on error in tegra_fb_create (git-fixes).
* drm/tegra: rgb: Fix missing clk_put() in the error handling paths of
tegra_dc_rgb_probe() (git-fixes).
* drm/tegra: rgb: Fix some error handling paths in tegra_dc_rgb_probe() (git-
fixes).
* drm/tidss: Fix initial plane zpos values (git-fixes).
* drm/tidss: Fix sync-lost issue with two displays (git-fixes).
* drm/ttm: Do not leak a resource on eviction error (git-fixes).
* drm/ttm: Do not print error message if eviction was interrupted (git-fixes).
* drm/vc4: Add module dependency on hdmi-codec (git-fixes).
* drm/vmwgfx: Create debugfs ttm_resource_manager entry only if needed (git-
fixes).
* drm/vmwgfx: Fix possible null pointer derefence with invalid contexts (git-
fixes).
* drm/vmwgfx: fix a memleak in vmw_gmrid_man_get_node (git-fixes).
* drm: Do not treat 0 as -1 in drm_fixp2int_ceil (git-fixes).
* drm: Fix drm_fixp2int_round() making it add 0.5 (git-fixes).
* drm: panel-orientation-quirks: Add quirk for Acer Switch V 10 (SW5-017)
(git-fixes).
* firewire: core: use long bus reset on gap count error (stable-fixes).
* fix "coresight: etm4x: Change etm4_platform_driver driver for MMIO devices"
(bsc#1220775) Hunk with clk_put(drvdata->pclk) was incorrectly moved to
another function.
* hid: amd_sfh: Update HPD sensor structure elements (git-fixes).
* hid: lenovo: Add middleclick_workaround sysfs knob for cptkbd (git-fixes).
* hid: multitouch: Add required quirk for Synaptics 0xcddc device (stable-
fixes).
* hv_netvsc: Calculate correct ring size when PAGE_SIZE is not 4 Kbytes (git-
fixes).
* hv_netvsc: Fix race condition between netvsc_probe and netvsc_remove (git-
fixes).
* hv_netvsc: Register VF in netvsc_probe if NET_DEVICE_REGISTER missed (git-
fixes).
* i2c: aspeed: Fix the dummy irq expected print (git-fixes).
* i2c: i801: Avoid potential double call to gpiod_remove_lookup_table (git-
fixes).
* i2c: wmt: Fix an error handling path in wmt_i2c_probe() (git-fixes).
* ib/ipoib: Fix mcast list locking (git-fixes)
* iio: dummy_evgen: remove Excess kernel-doc comments (git-fixes).
* iio: pressure: dlhl60d: Initialize empty DLH bytes (git-fixes).
* input: gpio_keys_polled - suppress deferred probe error for gpio (stable-
fixes).
* input: i8042 - add Fujitsu Lifebook E5411 to i8042 quirk table (git-fixes).
* input: i8042 - add Fujitsu Lifebook U728 to i8042 quirk table (git-fixes).
* input: i8042 - add quirk for Fujitsu Lifebook A574/H (git-fixes).
* input: i8042 - fix strange behavior of touchpad on Clevo NS70PU (git-fixes).
* input: pm8941-powerkey - fix debounce on gen2+ PMICs (git-fixes).
* input: pm8941-pwrkey - add software key press debouncing support (git-
fixes).
* input: pm8941-pwrkey - add support for PON GEN3 base addresses (git-fixes).
* input: synaptics-rmi4 - fix UAF of IRQ domain on driver removal (git-fixes).
* input: xpad - add Lenovo Legion Go controllers (git-fixes).
* iommu/amd: Mark interrupt as managed (git-fixes).
* iommu/dma: Trace bounce buffer usage when mapping buffers (git-fixes).
* iommu/mediatek-v1: Fix an error handling path in mtk_iommu_v1_probe() (git-
fixes).
* iommu/mediatek: Fix forever loop in error handling (git-fixes).
* iommu/vt-d: Allow to use flush-queue when first level is default (git-
fixes).
* iommu/vt-d: Do not issue ATS Invalidation request when device is
disconnected (git-fixes).
* iommu/vt-d: Fix PASID directory pointer coherency (git-fixes).
* iommu/vt-d: Set No Execute Enable bit in PASID table entry (git-fixes).
* kabi: PCI: Add locking to RMW PCI Express Capability Register accessors
(kabi).
* kconfig: fix infinite loop when expanding a macro at the end of file (git-
fixes).
* kvm: s390: only deliver the set service event bits (git-fixes bsc#1221631).
* lan78xx: enable auto speed configuration for LAN7850 if no EEPROM is
detected (git-commit).
* leds: aw2013: Unlock mutex before destroying it (git-fixes).
* lib/cmdline: Fix an invalid format specifier in an assertion msg (git-
fixes).
* make NVIDIA Grace-Hopper TPM related drivers build-ins (bsc#1221156)
* md/raid10: check slab-out-of-bounds in md_bitmap_get_counter (git-fixes).
* md/raid5: release batch_last before waiting for another stripe_head (git-
fixes).
* md/raid6: use valid sector values to determine if an I/O should wait on the
reshape (git-fixes).
* md: Do not ignore suspended array in md_check_recovery() (git-fixes).
* md: Make sure md_do_sync() will set MD_RECOVERY_DONE (git-fixes).
* md: Whenassemble the array, consult the superblock of the freshest device
(git-fixes).
* md: do not leave 'MD_RECOVERY_FROZEN' in error path of md_set_readonly()
(git-fixes).
* md: fix data corruption for raid456 when reshape restart while grow up (git-
fixes).
* md: introduce md_ro_state (git-fixes).
* media: dvb-frontends: avoid stack overflow warnings with clang (git-fixes).
* media: edia: dvbdev: fix a use-after-free (git-fixes).
* media: em28xx: annotate unchecked call to media_device_register() (git-
fixes).
* media: go7007: add check of return value of go7007_read_addr() (git-fixes).
* media: go7007: fix a memleak in go7007_load_encoder (git-fixes).
* media: imx: csc/scaler: fix v4l2_ctrl_handler memory leak (git-fixes).
* media: pvrusb2: fix pvr2_stream_callback casts (git-fixes).
* media: pvrusb2: fix uaf in pvr2_context_set_notify (git-fixes).
* media: pvrusb2: remove redundant NULL check (git-fixes).
* media: staging: ipu3-imgu: Set fields before media_entity_pads_init() (git-
fixes).
* media: sun8i-di: Fix chroma difference threshold (git-fixes).
* media: sun8i-di: Fix coefficient writes (git-fixes).
* media: sun8i-di: Fix power on/off sequences (git-fixes).
* media: tc358743: register v4l2 async device only after successful setup
(git-fixes).
* media: ttpci: fix two memleaks in budget_av_attach (git-fixes).
* media: usbtv: Remove useless locks in usbtv_video_free() (git-fixes).
* media: v4l2-mem2mem: fix a memleak in v4l2_m2m_register_entity (git-fixes).
* media: v4l2-tpg: fix some memleaks in tpg_alloc (git-fixes).
* media: xc4000: Fix atomicity violation in xc4000_get_frequency (git-fixes).
* mfd: altera-sysmgr: Call of_node_put() only when of_parse_phandle() takes a
ref (git-fixes).
* mfd: syscon: Call of_node_put() only when of_parse_phandle() takes a ref
(git-fixes).
* mm,page_owner: Defer enablement of static branch (bsc#1222366).
* mm,page_owner: Fix accounting of pages when migrating (bsc#1222366).
* mm,page_owner: Fix printing of stack records (bsc#1222366).
* mm,page_owner: Fix refcount imbalance (bsc#1222366).
* mm,page_owner: Update metadata for tail pages (bsc#1222366).
* mm,page_owner: check for null stack_record before bumping its refcount
(bsc#1222366).
* mm,page_owner: drop unnecessary check (bsc#1222366).
* mm,page_owner: fix recursion (bsc#1222366).
* mmc: core: Avoid negative index with array access (git-fixes).
* mmc: core: Fix switch on gp3 partition (git-fixes).
* mmc: core: Initialize mmc_blk_ioc_data (git-fixes).
* mmc: mmci: stm32: fix DMA API overlapping mappings warning (git-fixes).
* mmc: mmci: stm32: use a buffer for unaligned DMA requests (git-fixes).
* mmc: tmio: avoid concurrent runs of mmc_request_done() (git-fixes).
* mmc: wmt-sdmmc: remove an incorrect release_mem_region() call in the .remove
function (git-fixes).
* mtd: maps: physmap-core: fix flash size larger than 32-bit (git-fixes).
* mtd: rawnand: lpc32xx_mlc: fix irq handler prototype (git-fixes).
* mtd: rawnand: meson: fix scrambling mode value in command macro (git-fixes).
* net/bnx2x: Prevent access to a freed page in page_pool (bsc#1215322).
* net/x25: fix incorrect parameter validation in the x25_getsockopt() function
(git-fixes).
* net: Fix features skip in for_each_netdev_feature() (git-fixes).
* net: lan78xx: fix runtime PM count underflow on link stop (git-fixes).
* net: ll_temac: platform_get_resource replaced by wrong function (git-fixes).
* net: mana: Fix Rx DMA datasize and skb_over_panic (git-fixes).
* net: phy: fix phy_get_internal_delay accessing an empty array (git-fixes).
* net: sunrpc: Fix an off by one in rpc_sockaddr2uaddr() (git-fixes).
* net: usb: dm9601: fix wrong return value in dm9601_mdio_read (git-fixes).
* nfc: nci: Fix uninit-value in nci_dev_up and nci_ntf_packet (git-fixes).
* nfs: fix an off by one in root_nfs_cat() (git-fixes).
* nfs: rename nfs_client_kset to nfs_kset (git-fixes).
* nfsd: change LISTXATTRS cookie encoding to big-endian (git-fixes).
* nfsd: convert the callback workqueue to use delayed_work (git-fixes).
* nfsd: do not take fi_lock in nfsd_break_deleg_cb() (git-fixes).
* nfsd: fix LISTXATTRS returning a short list with eof=TRUE (git-fixes).
* nfsd: fix LISTXATTRS returning more bytes than maxcount (git-fixes).
* nfsd: fix file memleak on client_opens_release (git-fixes).
* nfsd: fix nfsd4_listxattr_validate_cookie (git-fixes).
* nfsd: lock_rename() needs both directories to live on the same fs (git-
fixes).
* nfsd: reschedule CB operations when backchannel rpc_clnt is shut down (git-
fixes).
* nfsd: reset cb_seq_status after NFS4ERR_DELAY (git-fixes).
* nfsd: retransmit callbacks after client reconnects (git-fixes).
* nfsd: use vfs setgid helper (git-fixes).
* nfsv4.1/pnfs: Ensure we handle the error NFS4ERR_RETURNCONFLICT (git-fixes).
* nfsv4.1: fix SP4_MACH_CRED protection for pnfs IO (git-fixes).
* nfsv4.1: fixup use EXCHGID4_FLAG_USE_PNFS_DS for DS server (git-fixes).
* nfsv4.1: use EXCHGID4_FLAG_USE_PNFS_DS for DS server (git-fixes).
* nfsv4.2: fix listxattr maximum XDR buffer size (git-fixes).
* nfsv4.2: fix nfs4_listxattr kernel BUG at mm/usercopy.c:102 (git-fixes).
* nfsv4.2: fix wrong shrinker_id (git-fixes).
* nfsv4: fix a nfs4_state_manager() race (git-fixes).
* nfsv4: fix a state manager thread deadlock regression (git-fixes).
* nilfs2: fix failure to detect DAT corruption in btree and direct mappings
(git-fixes).
* nilfs2: prevent kernel bug at submit_bh_wbc() (git-fixes).
* nouveau/dmem: handle kcalloc() allocation failure (git-fixes).
* nouveau: reset the bo resource bus info after an eviction (git-fixes).
* ntfs: fix use-after-free in ntfs_ucsncmp() (bsc#1221713).
* nvme-fc: do not wait in vain when unloading module (git-fixes).
* nvme: fix reconnection fail due to reserved tag allocation (git-fixes).
* nvmet-fc: abort command when there is no binding (git-fixes).
* nvmet-fc: avoid deadlock on delete association path (git-fixes).
* nvmet-fc: defer cleanup using RCU properly (git-fixes).
* nvmet-fc: hold reference on hostport match (git-fixes).
* nvmet-fc: release reference on target port (git-fixes).
* nvmet-fc: take ref count on tgtport before delete assoc (git-fixes).
* nvmet-fcloop: swap the list_add_tail arguments (git-fixes).
* nvmet-tcp: fix nvme tcp ida memory leak (git-fixes).
* pci/aer: fix rootport attribute paths in ABI docs (git-fixes).
* pci/aspm: Use RMW accessors for changing LNKCTL (git-fixes).
* pci/dpc: print all TLP Prefixes, not just the first (git-fixes).
* pci/msi: prevent MSI hardware interrupt number truncation (bsc#1218777)
* pci/p2pdma: Fix a sleeping issue in a RCU read section (git-fixes).
* pci: add locking to RMW PCI Express Capability Register accessors (git-
fixes).
* pci: dwc: Fix a 64bit bug in dw_pcie_ep_raise_msix_irq() (git-fixes).
* pci: dwc: endpoint: Fix advertised resizable BAR size (git-fixes).
* pci: dwc: endpoint: Fix dw_pcie_ep_raise_msix_irq() alignment support (git-
fixes).
* pci: fu740: Set the number of MSI vectors (git-fixes).
* pci: lengthen reset delay for VideoPropulsion Torrent QN16e card (git-
fixes).
* pci: make link retraining use RMW accessors for changing LNKCTL (git-fixes).
* pci: mark 3ware-9650SE Root Port Extended Tags as broken (git-fixes).
* pci: mediatek-gen3: Fix translation window size calculation (git-fixes).
* pci: mediatek: Clear interrupt status before dispatching handler (git-
fixes).
* pci: qcom: Enable BDF to SID translation properly (git-fixes).
* pci: qcom: Use DWC helpers for modifying the read-only DBI registers (git-
fixes).
* pci: rockchip: Do not advertise MSI-X in PCIe capabilities (git-fixes).
* pci: rockchip: Fix window mapping and address translation for endpoint (git-
fixes).
* pci: rockchip: Use 64-bit mask on MSI 64-bit PCI address (git-fixes).
* pci: switchtec: Fix an error handling path in switchtec_pci_probe() (git-
fixes).
* pinctrl: mediatek: Drop bogus slew rate register range for MT8192 (git-
fixes).
* platform/mellanox: mlxreg-hotplug: Remove redundant NULL-check (git-fixes).
* pm: suspend: Set mem_sleep_current during kernel command line setup (git-
fixes).
* pnfs/flexfiles: Check the layout validity in ff_layout_mirror_prepare_stats
(git-fixes).
* pnfs: Fix a hang in nfs4_evict_inode() (git-fixes).
* pnfs: Fix the pnfs block driver's calculation of layoutget size (git-fixes).
* powerpc/64s: POWER10 CPU Kconfig build option (bsc#1194869).
* powerpc/boot: Disable power10 features after BOOTAFLAGS assignment
(bsc#1194869).
* powerpc/boot: Fix boot wrapper code generation with CONFIG_POWER10_CPU
(bsc#1194869).
* powerpc/lib/sstep: Do not use __{get/put}_user() on kernel addresses
(bsc#1194869).
* powerpc/lib/sstep: Remove unneeded #ifdef **powerpc64** (bsc#1194869).
* powerpc/lib/sstep: Use l1_dcache_bytes() instead of opencoding
(bsc#1194869).
* powerpc/lib/sstep: use truncate_if_32bit() (bsc#1194869).
* powerpc/pseries/iommu: IOMMU table is not initialized for kdump over SR-IOV
(bsc#1220492 ltc#205270).
* powerpc/pseries: Fix potential memleak in papr_get_attr() (bsc#1200465
ltc#197256 jsc#SLE-18130 git-fixes).
* powerpc/sstep: Use bitwise instead of arithmetic operator for flags
(bsc#1194869).
* powerpc: add compile-time support for lbarx, lharx (bsc#1194869).
* pwm: mediatek: Update kernel doc for struct pwm_mediatek_of_data (git-
fixes).
* qedf: Do not process stag work during unload (bsc#1214852).
* qedf: Wait for stag work during unload (bsc#1214852).
* raid1: fix use-after-free for original bio in raid1_write_request()
(bsc#1221097).
* ras/amd/fmpm: Add debugfs interface to print record entries (jsc#PED-7619).
* ras/amd/fmpm: Avoid NULL ptr deref in get_saved_records() (jsc#PED-7619).
* ras/amd/fmpm: Fix build when debugfs is not enabled (jsc#PED-7619).
* ras/amd/fmpm: Fix off by one when unwinding on error (jsc#PED-7619).
* ras/amd/fmpm: Safely handle saved records of various sizes (jsc#PED-7619).
* ras/amd/fmpm: Save SPA values (jsc#PED-7619).
* ras: Avoid build errors when CONFIG_DEBUG_FS=n (git-fixes).
* ras: export helper to get ras_debugfs_dir (jsc#PED-7619).
* rdma/device: Fix a race between mad_client and cm_client init (git-fixes)
* rdma/hns: fix mis-modifying default congestion control algorithm (git-fixes)
* rdma/ipoib: Fix error code return in ipoib_mcast_join (git-fixes)
* rdma/irdma: Remove duplicate assignment (git-fixes)
* rdma/mana_ib: Fix bug in creation of dma regions (git-fixes).
* rdma/mlx5: fix fortify source warning while accessing Eth segment (git-
fixes)
* rdma/mlx5: relax DEVX access upon modify commands (git-fixes)
* rdma/rtrs-clt: Check strnlen return len in sysfs mpath_policy_store() (git-
fixes)
* rdma/srpt: do not register event handler until srpt device is fully setup
(git-fixes)
* revert "PCI: tegra194: Enable support for 256 Byte payload" (git-fixes).
* revert "Revert "drm/amdgpu/display: change pipe policy for DCN 2.0"" (git-
fixes).
* revert "SUNRPC dont update timeout value on connection reset" (git-fixes).
* revert "drm/amd: Disable PSR-SU on Parade 0803 TCON" (git-fixes).
* revert "drm/amd: Disable S/G for APUs when 64GB or more host memory" (git-
fixes).
* revert "drm/amdgpu/display: change pipe policy for DCN 2.0" (git-fixes).
* revert "drm/amdgpu/display: change pipe policy for DCN 2.1" (git-fixes).
* revert "drm/vc4: hdmi: Enforce the minimum rate at runtime_resume" (git-
fixes).
* revert "fbdev: flush deferred IO before closing (git-fixes)." (bsc#1221814)
* ring-buffer: Clean ring_buffer_poll_wait() error return (git-fixes).
* rtc: mt6397: select IRQ_DOMAIN instead of depending on it (git-fixes).
* s390/pai: fix attr_event_free upper limit for pai device drivers (git-fixes
bsc#1221633).
* s390/vfio-ap: realize the VFIO_DEVICE_GET_IRQ_INFO ioctl (bsc#1205316).
* s390/vfio-ap: realize the VFIO_DEVICE_SET_IRQS ioctl (bsc#1205316).
* s390/vfio-ap: wire in the vfio_device_ops request callback (bsc#1205316).
* s390/vtime: fix average steal time calculation (git-fixes bsc#1221951).
* sched/rt: Disallow writing invalid values to sched_rt_period_us
(bsc#1220176).
* sched/rt: sysctl_sched_rr_timeslice show default timeslice after reset
(bsc#1220176).
* scsi: lpfc: Copyright updates for 14.4.0.1 patches (bsc#1221777).
* scsi: lpfc: Correct size for cmdwqe/rspwqe for memset() (bsc#1221777).
* scsi: lpfc: Correct size for wqe for memset() (bsc#1221777).
* scsi: lpfc: Define lpfc_dmabuf type for ctx_buf ptr (bsc#1221777).
* scsi: lpfc: Define lpfc_nodelist type for ctx_ndlp ptr (bsc#1221777).
* scsi: lpfc: Define types in a union for generic void *context3 ptr
(bsc#1221777).
* scsi: lpfc: Move NPIV's transport unregistration to after resource clean up
(bsc#1221777).
* scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up()
(bsc#1221777).
* scsi: lpfc: Remove IRQF_ONESHOT flag from threaded IRQ handling (bsc#1221777
bsc#1217959).
* scsi: lpfc: Remove unnecessary log message in queuecommand path
(bsc#1221777).
* scsi: lpfc: Replace hbalock with ndlp lock in lpfc_nvme_unregister_port()
(bsc#1221777).
* scsi: lpfc: Update lpfc version to 14.4.0.1 (bsc#1221777).
* scsi: lpfc: Update lpfc_ramp_down_queue_handler() logic (bsc#1221777).
* scsi: lpfc: Use a dedicated lock for ras_fwlog state (bsc#1221777).
* scsi: qedf: Remove set but unused variable 'page' (bsc#1214852).
* scsi: qedf: Remove unused 'num_handled' variable (bsc#1214852).
* scsi: qedf: Remove unused declaration (bsc#1214852).
* scsi: qla2xxx: Change debug message during driver unload (bsc1221816).
* scsi: qla2xxx: Delay I/O Abort on PCI error (bsc1221816).
* scsi: qla2xxx: Fix N2N stuck connection (bsc1221816).
* scsi: qla2xxx: Fix command flush on cable pull (bsc1221816).
* scsi: qla2xxx: Fix double free of fcport (bsc1221816).
* scsi: qla2xxx: Fix double free of the ha->vp_map pointer (bsc1221816).
* scsi: qla2xxx: NVME|FCP prefer flag not being honored (bsc1221816).
* scsi: qla2xxx: Prevent command send on chip reset (bsc1221816).
* scsi: qla2xxx: Split FCE|EFT trace control (bsc1221816).
* scsi: qla2xxx: Update manufacturer detail (bsc1221816).
* scsi: qla2xxx: Update version to 10.02.09.200-k (bsc1221816).
* scsi: storvsc: Fix ring buffer size calculation (git-fixes).
* scsi: target: core: Silence the message about unknown VPD pages
(bsc#1221252).
* selftests/bpf: add generic BPF program tester-loader (bsc#1222033).
* serial: 8250_exar: Do not remove GPIO device on suspend (git-fixes).
* serial: max310x: fix syntax error in IRQ error message (git-fixes).
* slimbus: core: Remove usage of the deprecated ida_simple_xx() API (git-
fixes).
* soc: fsl: qbman: Always disable interrupts when taking cgr_lock (git-fixes).
* spi: lm70llp: fix links in doc and comments (git-fixes).
* spi: spi-mt65xx: Fix NULL pointer access in interrupt handler (git-fixes).
* sr9800: Add check for usbnet_get_endpoints (git-fixes).
* stackdepot: rename pool_index to pool_index_plus_1 (git-fixes).
* staging: vc04_services: fix information leak in create_component() (git-
fixes).
* sunrpc: Add an IS_ERR() check back to where it was (git-fixes).
* sunrpc: ECONNRESET might require a rebind (git-fixes).
* sunrpc: Fix RPC client cleaned up the freed pipefs dentries (git-fixes).
* sunrpc: Fix a suspicious RCU usage warning (git-fixes).
* sunrpc: fix a memleak in gss_import_v2_context (git-fixes).
* sunrpc: fix some memleaks in gssx_dec_option_array (git-fixes).
* svcrdma: Drop connection after an RDMA Read error (git-fixes).
* topology/sysfs: Hide PPIN on systems that do not support it (jsc#PED-7618).
* topology: Fix up build warning in topology_is_visible() (jsc#PED-7618).
* tracing/probes: Fix to show a parse error for bad type for $comm (git-
fixes).
* tracing: Fix wasted memory in saved_cmdlines logic (git-fixes).
* tracing: Inform kmemleak of saved_cmdlines allocation (git-fixes).
* tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc (bsc#1222619).
* tty: serial: fsl_lpuart: avoid idle preamble pending if CTS is enabled (git-
fixes).
* tty: serial: samsung: fix tx_empty() to return TIOCSER_TEMT (git-fixes).
* tty: vt: fix 20 vs 0x20 typo in EScsiignore (git-fixes).
* ubifs: Queue up space reservation tasks if retrying many times (git-fixes).
* ubifs: Remove unreachable code in dbg_check_ltab_lnum (git-fixes).
* ubifs: Set page uptodate in the correct place (git-fixes).
* ubifs: dbg_check_idx_size: Fix kmemleak if loading znode failed (git-fixes).
* ubifs: fix sort function prototype (git-fixes).
* usb: audio-v2: Correct comments for struct uac_clock_selector_descriptor
(git-fixes).
* usb: cdc-wdm: close race between read and workqueue (git-fixes).
* usb: core: Fix deadlock in usb_deauthorize_interface() (git-fixes).
* usb: dwc2: gadget: Fix exiting from clock gating (git-fixes).
* usb: dwc2: gadget: LPM flow fix (git-fixes).
* usb: dwc2: host: Fix ISOC flow in DDMA mode (git-fixes).
* usb: dwc2: host: Fix hibernation flow (git-fixes).
* usb: dwc2: host: Fix remote wakeup from hibernation (git-fixes).
* usb: dwc3: Properly set system wakeup (git-fixes).
* usb: f_mass_storage: forbid async queue when shutdown happen (git-fixes).
* usb: gadget: ncm: Fix handling of zero block length packets (git-fixes).
* usb: gadget: net2272: Use irqflags in the call to net2272_probe_fin (git-
fixes).
* usb: hub: Replace hardcoded quirk value with BIT() macro (git-fixes).
* usb: port: Do not try to peer unused USB ports based on location (git-
fixes).
* usb: typec: Return size of buffer if pd_set operation succeeds (git-fixes).
* usb: typec: ucsi: Check for notifications after init (git-fixes).
* usb: typec: ucsi: Clean up UCSI_CABLE_PROP macros (git-fixes).
* usb: typec: ucsi: Clear EVENT_PENDING under PPM lock (git-fixes).
* usb: usb-storage: Prevent divide-by-0 error in isd200_ata_command (git-
fixes).
* usb: xhci: Add error handling in xhci_map_urb_for_dma (git-fixes).
* vboxsf: Avoid an spurious warning if load_nls_xxx() fails (git-fixes).
* vt: fix unicode buffer corruption when deleting characters (git-fixes).
* watchdog: stm32_iwdg: initialize default timeout (git-fixes).
* wifi: ath10k: fix NULL pointer dereference in
ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() (git-fixes).
* wifi: ath11k: decrease MHI channel buffer length to 8KB (bsc#1207948).
* wifi: ath11k: initialize rx_mcs_80 and rx_mcs_160 before use (git-fixes).
* wifi: ath9k: delay all of ath9k_wmi_event_tasklet() until init is complete
(git-fixes).
* wifi: b43: Disable QoS for bcm4331 (git-fixes).
* wifi: b43: Stop correct queue in DMA worker when QoS is disabled (git-
fixes).
* wifi: b43: Stop/wake correct queue in DMA Tx path when QoS is disabled (git-
fixes).
* wifi: b43: Stop/wake correct queue in PIO Tx path when QoS is disabled (git-
fixes).
* wifi: brcmfmac: fix copyright year mentioned in platform_data header (git-
fixes).
* wifi: brcmsmac: avoid function pointer casts (git-fixes).
* wifi: iwlwifi: dbg-tlv: ensure NUL termination (git-fixes).
* wifi: iwlwifi: fix EWRD table validity check (git-fixes).
* wifi: iwlwifi: fw: do not always use FW dump trig (git-fixes).
* wifi: iwlwifi: mvm: do not set replay counters to 0xff (git-fixes).
* wifi: iwlwifi: mvm: report beacon protection failures (git-fixes).
* wifi: iwlwifi: mvm: rfi: fix potential response leaks (git-fixes).
* wifi: iwlwifi: mvm: use FW rate for non-data only on new devices (git-
fixes).
* wifi: libertas: fix some memleaks in lbs_allocate_cmd_buffer() (git-fixes).
* wifi: mwifiex: debugfs: Drop unnecessary error check for
debugfs_create_dir() (git-fixes).
* wifi: rtl8xxxu: add cancel_work_sync() for c2hcmd_work (git-fixes).
* wifi: rtw88: 8821c: Fix false alarm count (git-fixes).
* wifi: wilc1000: fix RCU usage in connect path (git-fixes).
* wifi: wilc1000: fix declarations ordering (stable-fixes).
* wifi: wilc1000: fix multi-vif management when deleting a vif (git-fixes).
* wifi: wilc1000: prevent use-after-free on vif when cleaning up all
interfaces (git-fixes).
* x86/CPU/AMD: Update the Zenbleed microcode revisions (git-fixes).
* x86/bugs: Fix the SRSO mitigation on Zen3/4 (git-fixes).
* x86/fpu: Keep xfd_state in sync with MSR_IA32_XFD (git-fixes).
* xhci: handle isoc Babble and Buffer Overrun events properly (git-fixes).
* xhci: process isoc TD properly when there was a transaction error mid TD
(git-fixes).

## Special Instructions and Notes:

* Please reboot the system after installing this update.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
zypper in -t patch SUSE-2024-1322=1 openSUSE-SLE-15.5-2024-1322=1

* SUSE Linux Enterprise Micro 5.5
zypper in -t patch SUSE-SLE-Micro-5.5-2024-1322=1

* SUSE Linux Enterprise Live Patching 15-SP5
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-1322=1

* SUSE Real Time Module 15-SP5
zypper in -t patch SUSE-SLE-Module-RT-15-SP5-2024-1322=1

## Package List:

* openSUSE Leap 15.5 (noarch)
* kernel-devel-rt-5.14.21-150500.13.43.1
* kernel-source-rt-5.14.21-150500.13.43.1
* openSUSE Leap 15.5 (x86_64)
* kernel-rt-vdso-5.14.21-150500.13.43.1
* gfs2-kmp-rt-5.14.21-150500.13.43.1
* kernel-rt_debug-devel-5.14.21-150500.13.43.1
* cluster-md-kmp-rt-5.14.21-150500.13.43.1
* kernel-livepatch-5_14_21-150500_13_43-rt-1-150500.11.5.1
* kernel-rt_debug-vdso-debuginfo-5.14.21-150500.13.43.1
* kernel-rt-debuginfo-5.14.21-150500.13.43.1
* kselftests-kmp-rt-5.14.21-150500.13.43.1
* ocfs2-kmp-rt-5.14.21-150500.13.43.1
* kernel-rt-devel-debuginfo-5.14.21-150500.13.43.1
* kernel-rt-livepatch-5.14.21-150500.13.43.1
* kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo-1-150500.11.5.1
* kernel-rt-extra-debuginfo-5.14.21-150500.13.43.1
* dlm-kmp-rt-debuginfo-5.14.21-150500.13.43.1
* reiserfs-kmp-rt-debuginfo-5.14.21-150500.13.43.1
* kernel-rt-extra-5.14.21-150500.13.43.1
* kernel-rt-optional-debuginfo-5.14.21-150500.13.43.1
* kernel-rt_debug-livepatch-devel-5.14.21-150500.13.43.1
* kernel-syms-rt-5.14.21-150500.13.43.1
* gfs2-kmp-rt-debuginfo-5.14.21-150500.13.43.1
* ocfs2-kmp-rt-debuginfo-5.14.21-150500.13.43.1
* kernel-rt_debug-debugsource-5.14.21-150500.13.43.1
* kernel-rt-debugsource-5.14.21-150500.13.43.1
* kernel-rt-vdso-debuginfo-5.14.21-150500.13.43.1
* dlm-kmp-rt-5.14.21-150500.13.43.1
* cluster-md-kmp-rt-debuginfo-5.14.21-150500.13.43.1
* kernel-rt_debug-debuginfo-5.14.21-150500.13.43.1
* kselftests-kmp-rt-debuginfo-5.14.21-150500.13.43.1
* kernel-rt-optional-5.14.21-150500.13.43.1
* kernel-rt-devel-5.14.21-150500.13.43.1
* kernel-rt_debug-devel-debuginfo-5.14.21-150500.13.43.1
* kernel-rt_debug-vdso-5.14.21-150500.13.43.1
* kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource-1-150500.11.5.1
* kernel-rt-livepatch-devel-5.14.21-150500.13.43.1
* reiserfs-kmp-rt-5.14.21-150500.13.43.1
* openSUSE Leap 15.5 (nosrc x86_64)
* kernel-rt_debug-5.14.21-150500.13.43.1
* kernel-rt-5.14.21-150500.13.43.1
* SUSE Linux Enterprise Micro 5.5 (nosrc x86_64)
* kernel-rt-5.14.21-150500.13.43.1
* SUSE Linux Enterprise Micro 5.5 (x86_64)
* kernel-rt-debuginfo-5.14.21-150500.13.43.1
* kernel-rt-debugsource-5.14.21-150500.13.43.1
* SUSE Linux Enterprise Micro 5.5 (noarch)
* kernel-source-rt-5.14.21-150500.13.43.1
* SUSE Linux Enterprise Live Patching 15-SP5 (x86_64)
* kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource-1-150500.11.5.1
* kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo-1-150500.11.5.1
* kernel-livepatch-5_14_21-150500_13_43-rt-1-150500.11.5.1
* SUSE Real Time Module 15-SP5 (x86_64)
* kernel-rt-vdso-5.14.21-150500.13.43.1
* gfs2-kmp-rt-5.14.21-150500.13.43.1
* kernel-rt_debug-devel-5.14.21-150500.13.43.1
* cluster-md-kmp-rt-5.14.21-150500.13.43.1
* kernel-rt_debug-vdso-debuginfo-5.14.21-150500.13.43.1
* kernel-rt-debuginfo-5.14.21-150500.13.43.1
* ocfs2-kmp-rt-5.14.21-150500.13.43.1
* kernel-rt-devel-debuginfo-5.14.21-150500.13.43.1
* dlm-kmp-rt-debuginfo-5.14.21-150500.13.43.1
* kernel-syms-rt-5.14.21-150500.13.43.1
* gfs2-kmp-rt-debuginfo-5.14.21-150500.13.43.1
* ocfs2-kmp-rt-debuginfo-5.14.21-150500.13.43.1
* kernel-rt_debug-debugsource-5.14.21-150500.13.43.1
* kernel-rt-debugsource-5.14.21-150500.13.43.1
* kernel-rt-vdso-debuginfo-5.14.21-150500.13.43.1
* dlm-kmp-rt-5.14.21-150500.13.43.1
* cluster-md-kmp-rt-debuginfo-5.14.21-150500.13.43.1
* kernel-rt_debug-debuginfo-5.14.21-150500.13.43.1
* kernel-rt-devel-5.14.21-150500.13.43.1
* kernel-rt_debug-devel-debuginfo-5.14.21-150500.13.43.1
* kernel-rt_debug-vdso-5.14.21-150500.13.43.1
* SUSE Real Time Module 15-SP5 (noarch)
* kernel-devel-rt-5.14.21-150500.13.43.1
* kernel-source-rt-5.14.21-150500.13.43.1
* SUSE Real Time Module 15-SP5 (nosrc x86_64)
* kernel-rt_debug-5.14.21-150500.13.43.1
* kernel-rt-5.14.21-150500.13.43.1

## References:

* https://www.suse.com/security/cve/CVE-2021-46925.html
* https://www.suse.com/security/cve/CVE-2021-46926.html
* https://www.suse.com/security/cve/CVE-2021-46927.html
* https://www.suse.com/security/cve/CVE-2021-46929.html
* https://www.suse.com/security/cve/CVE-2021-46930.html
* https://www.suse.com/security/cve/CVE-2021-46931.html
* https://www.suse.com/security/cve/CVE-2021-46933.html
* https://www.suse.com/security/cve/CVE-2021-46934.html
* https://www.suse.com/security/cve/CVE-2021-46936.html
* https://www.suse.com/security/cve/CVE-2021-47082.html
* https://www.suse.com/security/cve/CVE-2021-47083.html
* https://www.suse.com/security/cve/CVE-2021-47087.html
* https://www.suse.com/security/cve/CVE-2021-47091.html
* https://www.suse.com/security/cve/CVE-2021-47093.html
* https://www.suse.com/security/cve/CVE-2021-47094.html
* https://www.suse.com/security/cve/CVE-2021-47095.html
* https://www.suse.com/security/cve/CVE-2021-47096.html
* https://www.suse.com/security/cve/CVE-2021-47097.html
* https://www.suse.com/security/cve/CVE-2021-47098.html
* https://www.suse.com/security/cve/CVE-2021-47099.html
* https://www.suse.com/security/cve/CVE-2021-47100.html
* https://www.suse.com/security/cve/CVE-2021-47101.html
* https://www.suse.com/security/cve/CVE-2021-47102.html
* https://www.suse.com/security/cve/CVE-2021-47104.html
* https://www.suse.com/security/cve/CVE-2021-47105.html
* https://www.suse.com/security/cve/CVE-2021-47107.html
* https://www.suse.com/security/cve/CVE-2021-47108.html
* https://www.suse.com/security/cve/CVE-2022-4744.html
* https://www.suse.com/security/cve/CVE-2022-48626.html
* https://www.suse.com/security/cve/CVE-2022-48627.html
* https://www.suse.com/security/cve/CVE-2022-48628.html
* https://www.suse.com/security/cve/CVE-2022-48629.html
* https://www.suse.com/security/cve/CVE-2022-48630.html
* https://www.suse.com/security/cve/CVE-2023-0160.html
* https://www.suse.com/security/cve/CVE-2023-28746.html
* https://www.suse.com/security/cve/CVE-2023-35827.html
* https://www.suse.com/security/cve/CVE-2023-4881.html
* https://www.suse.com/security/cve/CVE-2023-52447.html
* https://www.suse.com/security/cve/CVE-2023-52450.html
* https://www.suse.com/security/cve/CVE-2023-52453.html
* https://www.suse.com/security/cve/CVE-2023-52454.html
* https://www.suse.com/security/cve/CVE-2023-52462.html
* https://www.suse.com/security/cve/CVE-2023-52463.html
* https://www.suse.com/security/cve/CVE-2023-52467.html
* https://www.suse.com/security/cve/CVE-2023-52469.html
* https://www.suse.com/security/cve/CVE-2023-52470.html
* https://www.suse.com/security/cve/CVE-2023-52474.html
* https://www.suse.com/security/cve/CVE-2023-52476.html
* https://www.suse.com/security/cve/CVE-2023-52477.html
* https://www.suse.com/security/cve/CVE-2023-52481.html
* https://www.suse.com/security/cve/CVE-2023-52482.html
* https://www.suse.com/security/cve/CVE-2023-52484.html
* https://www.suse.com/security/cve/CVE-2023-52486.html
* https://www.suse.com/security/cve/CVE-2023-52492.html
* https://www.suse.com/security/cve/CVE-2023-52493.html
* https://www.suse.com/security/cve/CVE-2023-52494.html
* https://www.suse.com/security/cve/CVE-2023-52497.html
* https://www.suse.com/security/cve/CVE-2023-52500.html
* https://www.suse.com/security/cve/CVE-2023-52501.html
* https://www.suse.com/security/cve/CVE-2023-52502.html
* https://www.suse.com/security/cve/CVE-2023-52504.html
* https://www.suse.com/security/cve/CVE-2023-52507.html
* https://www.suse.com/security/cve/CVE-2023-52508.html
* https://www.suse.com/security/cve/CVE-2023-52509.html
* https://www.suse.com/security/cve/CVE-2023-52510.html
* https://www.suse.com/security/cve/CVE-2023-52511.html
* https://www.suse.com/security/cve/CVE-2023-52513.html
* https://www.suse.com/security/cve/CVE-2023-52515.html
* https://www.suse.com/security/cve/CVE-2023-52517.html
* https://www.suse.com/security/cve/CVE-2023-52518.html
* https://www.suse.com/security/cve/CVE-2023-52519.html
* https://www.suse.com/security/cve/CVE-2023-52520.html
* https://www.suse.com/security/cve/CVE-2023-52523.html
* https://www.suse.com/security/cve/CVE-2023-52524.html
* https://www.suse.com/security/cve/CVE-2023-52525.html
* https://www.suse.com/security/cve/CVE-2023-52528.html
* https://www.suse.com/security/cve/CVE-2023-52529.html
* https://www.suse.com/security/cve/CVE-2023-52530.html
* https://www.suse.com/security/cve/CVE-2023-52531.html
* https://www.suse.com/security/cve/CVE-2023-52532.html
* https://www.suse.com/security/cve/CVE-2023-52559.html
* https://www.suse.com/security/cve/CVE-2023-52563.html
* https://www.suse.com/security/cve/CVE-2023-52564.html
* https://www.suse.com/security/cve/CVE-2023-52566.html
* https://www.suse.com/security/cve/CVE-2023-52567.html
* https://www.suse.com/security/cve/CVE-2023-52569.html
* https://www.suse.com/security/cve/CVE-2023-52574.html
* https://www.suse.com/security/cve/CVE-2023-52575.html
* https://www.suse.com/security/cve/CVE-2023-52576.html
* https://www.suse.com/security/cve/CVE-2023-52582.html
* https://www.suse.com/security/cve/CVE-2023-52583.html
* https://www.suse.com/security/cve/CVE-2023-52587.html
* https://www.suse.com/security/cve/CVE-2023-52591.html
* https://www.suse.com/security/cve/CVE-2023-52594.html
* https://www.suse.com/security/cve/CVE-2023-52595.html
* https://www.suse.com/security/cve/CVE-2023-52597.html
* https://www.suse.com/security/cve/CVE-2023-52598.html
* https://www.suse.com/security/cve/CVE-2023-52599.html
* https://www.suse.com/security/cve/CVE-2023-52600.html
* https://www.suse.com/security/cve/CVE-2023-52601.html
* https://www.suse.com/security/cve/CVE-2023-52602.html
* https://www.suse.com/security/cve/CVE-2023-52603.html
* https://www.suse.com/security/cve/CVE-2023-52604.html
* https://www.suse.com/security/cve/CVE-2023-52605.html
* https://www.suse.com/security/cve/CVE-2023-52606.html
* https://www.suse.com/security/cve/CVE-2023-52607.html
* https://www.suse.com/security/cve/CVE-2023-52608.html
* https://www.suse.com/security/cve/CVE-2023-52612.html
* https://www.suse.com/security/cve/CVE-2023-52615.html
* https://www.suse.com/security/cve/CVE-2023-52617.html
* https://www.suse.com/security/cve/CVE-2023-52619.html
* https://www.suse.com/security/cve/CVE-2023-52621.html
* https://www.suse.com/security/cve/CVE-2023-52623.html
* https://www.suse.com/security/cve/CVE-2023-52628.html
* https://www.suse.com/security/cve/CVE-2023-52632.html
* https://www.suse.com/security/cve/CVE-2023-52637.html
* https://www.suse.com/security/cve/CVE-2023-52639.html
* https://www.suse.com/security/cve/CVE-2023-6270.html
* https://www.suse.com/security/cve/CVE-2023-6356.html
* https://www.suse.com/security/cve/CVE-2023-6535.html
* https://www.suse.com/security/cve/CVE-2023-6536.html
* https://www.suse.com/security/cve/CVE-2023-7042.html
* https://www.suse.com/security/cve/CVE-2023-7192.html
* https://www.suse.com/security/cve/CVE-2024-0841.html
* https://www.suse.com/security/cve/CVE-2024-2201.html
* https://www.suse.com/security/cve/CVE-2024-22099.html
* https://www.suse.com/security/cve/CVE-2024-23307.html
* https://www.suse.com/security/cve/CVE-2024-25739.html
* https://www.suse.com/security/cve/CVE-2024-25742.html
* https://www.suse.com/security/cve/CVE-2024-26599.html
* https://www.suse.com/security/cve/CVE-2024-26600.html
* https://www.suse.com/security/cve/CVE-2024-26602.html
* https://www.suse.com/security/cve/CVE-2024-26607.html
* https://www.suse.com/security/cve/CVE-2024-26612.html
* https://www.suse.com/security/cve/CVE-2024-26614.html
* https://www.suse.com/security/cve/CVE-2024-26620.html
* https://www.suse.com/security/cve/CVE-2024-26627.html
* https://www.suse.com/security/cve/CVE-2024-26629.html
* https://www.suse.com/security/cve/CVE-2024-26642.html
* https://www.suse.com/security/cve/CVE-2024-26645.html
* https://www.suse.com/security/cve/CVE-2024-26646.html
* https://www.suse.com/security/cve/CVE-2024-26651.html
* https://www.suse.com/security/cve/CVE-2024-26654.html
* https://www.suse.com/security/cve/CVE-2024-26659.html
* https://www.suse.com/security/cve/CVE-2024-26664.html
* https://www.suse.com/security/cve/CVE-2024-26667.html
* https://www.suse.com/security/cve/CVE-2024-26670.html
* https://www.suse.com/security/cve/CVE-2024-26695.html
* https://www.suse.com/security/cve/CVE-2024-26717.html
* https://bugzilla.suse.com/show_bug.cgi?id=1194869
* https://bugzilla.suse.com/show_bug.cgi?id=1200465
* https://bugzilla.suse.com/show_bug.cgi?id=1205316
* https://bugzilla.suse.com/show_bug.cgi?id=1207948
* https://bugzilla.suse.com/show_bug.cgi?id=1209635
* https://bugzilla.suse.com/show_bug.cgi?id=1209657
* https://bugzilla.suse.com/show_bug.cgi?id=1212514
* https://bugzilla.suse.com/show_bug.cgi?id=1213456
* https://bugzilla.suse.com/show_bug.cgi?id=1214852
* https://bugzilla.suse.com/show_bug.cgi?id=1215221
* https://bugzilla.suse.com/show_bug.cgi?id=1215322
* https://bugzilla.suse.com/show_bug.cgi?id=1217339
* https://bugzilla.suse.com/show_bug.cgi?id=1217959
* https://bugzilla.suse.com/show_bug.cgi?id=1217987
* https://bugzilla.suse.com/show_bug.cgi?id=1217988
* https://bugzilla.suse.com/show_bug.cgi?id=1217989
* https://bugzilla.suse.com/show_bug.cgi?id=1218321
* https://bugzilla.suse.com/show_bug.cgi?id=1218336
* https://bugzilla.suse.com/show_bug.cgi?id=1218479
* https://bugzilla.suse.com/show_bug.cgi?id=1218562
* https://bugzilla.suse.com/show_bug.cgi?id=1218643
* https://bugzilla.suse.com/show_bug.cgi?id=1218777
* https://bugzilla.suse.com/show_bug.cgi?id=1219169
* https://bugzilla.suse.com/show_bug.cgi?id=1219170
* https://bugzilla.suse.com/show_bug.cgi?id=1219264
* https://bugzilla.suse.com/show_bug.cgi?id=1219834
* https://bugzilla.suse.com/show_bug.cgi?id=1220114
* https://bugzilla.suse.com/show_bug.cgi?id=1220176
* https://bugzilla.suse.com/show_bug.cgi?id=1220237
* https://bugzilla.suse.com/show_bug.cgi?id=1220251
* https://bugzilla.suse.com/show_bug.cgi?id=1220320
* https://bugzilla.suse.com/show_bug.cgi?id=1220325
* https://bugzilla.suse.com/show_bug.cgi?id=1220328
* https://bugzilla.suse.com/show_bug.cgi?id=1220337
* https://bugzilla.suse.com/show_bug.cgi?id=1220340
* https://bugzilla.suse.com/show_bug.cgi?id=1220365
* https://bugzilla.suse.com/show_bug.cgi?id=1220366
* https://bugzilla.suse.com/show_bug.cgi?id=1220398
* https://bugzilla.suse.com/show_bug.cgi?id=1220411
* https://bugzilla.suse.com/show_bug.cgi?id=1220413
* https://bugzilla.suse.com/show_bug.cgi?id=1220433
* https://bugzilla.suse.com/show_bug.cgi?id=1220439
* https://bugzilla.suse.com/show_bug.cgi?id=1220443
* https://bugzilla.suse.com/show_bug.cgi?id=1220445
* https://bugzilla.suse.com/show_bug.cgi?id=1220466
* https://bugzilla.suse.com/show_bug.cgi?id=1220469
* https://bugzilla.suse.com/show_bug.cgi?id=1220478
* https://bugzilla.suse.com/show_bug.cgi?id=1220482
* https://bugzilla.suse.com/show_bug.cgi?id=1220484
* https://bugzilla.suse.com/show_bug.cgi?id=1220486
* https://bugzilla.suse.com/show_bug.cgi?id=1220487
* https://bugzilla.suse.com/show_bug.cgi?id=1220492
* https://bugzilla.suse.com/show_bug.cgi?id=1220703
* https://bugzilla.suse.com/show_bug.cgi?id=1220735
* https://bugzilla.suse.com/show_bug.cgi?id=1220736
* https://bugzilla.suse.com/show_bug.cgi?id=1220775
* https://bugzilla.suse.com/show_bug.cgi?id=1220790
* https://bugzilla.suse.com/show_bug.cgi?id=1220797
* https://bugzilla.suse.com/show_bug.cgi?id=1220831
* https://bugzilla.suse.com/show_bug.cgi?id=1220833
* https://bugzilla.suse.com/show_bug.cgi?id=1220836
* https://bugzilla.suse.com/show_bug.cgi?id=1220839
* https://bugzilla.suse.com/show_bug.cgi?id=1220840
* https://bugzilla.suse.com/show_bug.cgi?id=1220843
* https://bugzilla.suse.com/show_bug.cgi?id=1220845
* https://bugzilla.suse.com/show_bug.cgi?id=1220848
* https://bugzilla.suse.com/show_bug.cgi?id=1220870
* https://bugzilla.suse.com/show_bug.cgi?id=1220871
* https://bugzilla.suse.com/show_bug.cgi?id=1220872
* https://bugzilla.suse.com/show_bug.cgi?id=1220878
* https://bugzilla.suse.com/show_bug.cgi?id=1220879
* https://bugzilla.suse.com/show_bug.cgi?id=1220883
* https://bugzilla.suse.com/show_bug.cgi?id=1220885
* https://bugzilla.suse.com/show_bug.cgi?id=1220887
* https://bugzilla.suse.com/show_bug.cgi?id=1220898
* https://bugzilla.suse.com/show_bug.cgi?id=1220917
* https://bugzilla.suse.com/show_bug.cgi?id=1220918
* https://bugzilla.suse.com/show_bug.cgi?id=1220920
* https://bugzilla.suse.com/show_bug.cgi?id=1220921
* https://bugzilla.suse.com/show_bug.cgi?id=1220926
* https://bugzilla.suse.com/show_bug.cgi?id=1220927
* https://bugzilla.suse.com/show_bug.cgi?id=1220929
* https://bugzilla.suse.com/show_bug.cgi?id=1220930
* https://bugzilla.suse.com/show_bug.cgi?id=1220931
* https://bugzilla.suse.com/show_bug.cgi?id=1220932
* https://bugzilla.suse.com/show_bug.cgi?id=1220933
* https://bugzilla.suse.com/show_bug.cgi?id=1220937
* https://bugzilla.suse.com/show_bug.cgi?id=1220938
* https://bugzilla.suse.com/show_bug.cgi?id=1220940
* https://bugzilla.suse.com/show_bug.cgi?id=1220954
* https://bugzilla.suse.com/show_bug.cgi?id=1220955
* https://bugzilla.suse.com/show_bug.cgi?id=1220959
* https://bugzilla.suse.com/show_bug.cgi?id=1220960
* https://bugzilla.suse.com/show_bug.cgi?id=1220961
* https://bugzilla.suse.com/show_bug.cgi?id=1220965
* https://bugzilla.suse.com/show_bug.cgi?id=1220969
* https://bugzilla.suse.com/show_bug.cgi?id=1220978
* https://bugzilla.suse.com/show_bug.cgi?id=1220979
* https://bugzilla.suse.com/show_bug.cgi?id=1220981
* https://bugzilla.suse.com/show_bug.cgi?id=1220982
* https://bugzilla.suse.com/show_bug.cgi?id=1220983
* https://bugzilla.suse.com/show_bug.cgi?id=1220985
* https://bugzilla.suse.com/show_bug.cgi?id=1220986
* https://bugzilla.suse.com/show_bug.cgi?id=1220987
* https://bugzilla.suse.com/show_bug.cgi?id=1220989
* https://bugzilla.suse.com/show_bug.cgi?id=1220990
* https://bugzilla.suse.com/show_bug.cgi?id=1221009
* https://bugzilla.suse.com/show_bug.cgi?id=1221012
* https://bugzilla.suse.com/show_bug.cgi?id=1221015
* https://bugzilla.suse.com/show_bug.cgi?id=1221022
* https://bugzilla.suse.com/show_bug.cgi?id=1221039
* https://bugzilla.suse.com/show_bug.cgi?id=1221040
* https://bugzilla.suse.com/show_bug.cgi?id=1221044
* https://bugzilla.suse.com/show_bug.cgi?id=1221045
* https://bugzilla.suse.com/show_bug.cgi?id=1221046
* https://bugzilla.suse.com/show_bug.cgi?id=1221048
* https://bugzilla.suse.com/show_bug.cgi?id=1221055
* https://bugzilla.suse.com/show_bug.cgi?id=1221056
* https://bugzilla.suse.com/show_bug.cgi?id=1221058
* https://bugzilla.suse.com/show_bug.cgi?id=1221060
* https://bugzilla.suse.com/show_bug.cgi?id=1221061
* https://bugzilla.suse.com/show_bug.cgi?id=1221062
* https://bugzilla.suse.com/show_bug.cgi?id=1221066
* https://bugzilla.suse.com/show_bug.cgi?id=1221067
* https://bugzilla.suse.com/show_bug.cgi?id=1221068
* https://bugzilla.suse.com/show_bug.cgi?id=1221069
* https://bugzilla.suse.com/show_bug.cgi?id=1221070
* https://bugzilla.suse.com/show_bug.cgi?id=1221071
* https://bugzilla.suse.com/show_bug.cgi?id=1221077
* https://bugzilla.suse.com/show_bug.cgi?id=1221082
* https://bugzilla.suse.com/show_bug.cgi?id=1221090
* https://bugzilla.suse.com/show_bug.cgi?id=1221097
* https://bugzilla.suse.com/show_bug.cgi?id=1221156
* https://bugzilla.suse.com/show_bug.cgi?id=1221252
* https://bugzilla.suse.com/show_bug.cgi?id=1221273
* https://bugzilla.suse.com/show_bug.cgi?id=1221274
* https://bugzilla.suse.com/show_bug.cgi?id=1221276
* https://bugzilla.suse.com/show_bug.cgi?id=1221277
* https://bugzilla.suse.com/show_bug.cgi?id=1221291
* https://bugzilla.suse.com/show_bug.cgi?id=1221293
* https://bugzilla.suse.com/show_bug.cgi?id=1221298
* https://bugzilla.suse.com/show_bug.cgi?id=1221337
* https://bugzilla.suse.com/show_bug.cgi?id=1221338
* https://bugzilla.suse.com/show_bug.cgi?id=1221375
* https://bugzilla.suse.com/show_bug.cgi?id=1221379
* https://bugzilla.suse.com/show_bug.cgi?id=1221551
* https://bugzilla.suse.com/show_bug.cgi?id=1221553
* https://bugzilla.suse.com/show_bug.cgi?id=1221613
* https://bugzilla.suse.com/show_bug.cgi?id=1221614
* https://bugzilla.suse.com/show_bug.cgi?id=1221616
* https://bugzilla.suse.com/show_bug.cgi?id=1221618
* https://bugzilla.suse.com/show_bug.cgi?id=1221631
* https://bugzilla.suse.com/show_bug.cgi?id=1221633
* https://bugzilla.suse.com/show_bug.cgi?id=1221713
* https://bugzilla.suse.com/show_bug.cgi?id=1221725
* https://bugzilla.suse.com/show_bug.cgi?id=1221777
* https://bugzilla.suse.com/show_bug.cgi?id=1221814
* https://bugzilla.suse.com/show_bug.cgi?id=1221816
* https://bugzilla.suse.com/show_bug.cgi?id=1221830
* https://bugzilla.suse.com/show_bug.cgi?id=1221951
* https://bugzilla.suse.com/show_bug.cgi?id=1222033
* https://bugzilla.suse.com/show_bug.cgi?id=1222056
* https://bugzilla.suse.com/show_bug.cgi?id=1222060
* https://bugzilla.suse.com/show_bug.cgi?id=1222070
* https://bugzilla.suse.com/show_bug.cgi?id=1222073
* https://bugzilla.suse.com/show_bug.cgi?id=1222117
* https://bugzilla.suse.com/show_bug.cgi?id=1222274
* https://bugzilla.suse.com/show_bug.cgi?id=1222291
* https://bugzilla.suse.com/show_bug.cgi?id=1222300
* https://bugzilla.suse.com/show_bug.cgi?id=1222304
* https://bugzilla.suse.com/show_bug.cgi?id=1222317
* https://bugzilla.suse.com/show_bug.cgi?id=1222331
* https://bugzilla.suse.com/show_bug.cgi?id=1222355
* https://bugzilla.suse.com/show_bug.cgi?id=1222356
* https://bugzilla.suse.com/show_bug.cgi?id=1222360
* https://bugzilla.suse.com/show_bug.cgi?id=1222366
* https://bugzilla.suse.com/show_bug.cgi?id=1222373
* https://bugzilla.suse.com/show_bug.cgi?id=1222619
* https://jira.suse.com/browse/PED-5759
* https://jira.suse.com/browse/PED-7167
* https://jira.suse.com/browse/PED-7618
* https://jira.suse.com/browse/PED-7619



openSUSE-SU-2022:0150-1: important: Security update for seamonkey


openSUSE Security Update: Security update for seamonkey
_______________________________

Announcement ID: openSUSE-SU-2022:0150-1
Rating: important
References: #1194735
Cross-References: CVE-2021-45417
CVSS scores:
CVE-2021-45417 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:
openSUSE Leap 15.3
_______________________________

An update that fixes one vulnerability is now available.

Description:

This update for seamonkey fixes the following issues:

Update to SeaMonkey 2.53.12

* Format Toolbar forgets its hidden status when switching to other view
modes bug 1719020.
* Remove obsolete plugin code from SeaMonkey bug 1762733.
* Fix a few strict warnings in SeaMonkey bug 1755553.
* Remove Run Flash from Site permissions and page info bug 1758289.
* Use fixIterator and replace use of removeItemAt in FilterListDialog bug
1756359.
* Remove RDF usage in tabmail.js bug 1758282.
* Implement 'Edit Template' and 'New Message From Template' commands and
UI bug 1759376.
* [SM] Implement 'Edit Draft' command and hide it when not in a draft
folder (port Thunderbird bug 1106412) bug 1256716.
* Messages in Template folder need "Edit Template" button in header (like
for Drafts) bug 80280.
* Refactor and simplify the feed Subscribe dialog options updates bug
1420473.
* Add system memory and disk size and placeDB page limit to about:support
bug 1753729.
* Remove warning about missing plugins in SeaMonkey 2.53 and 2.57 bug
1755558.
* SeaMonkey 2.53.12 uses the same backend as Firefox and contains the
relevant Firefox 60.8 security fixes.
* SeaMonkey 2.53.12 shares most parts of the mail and news code with
Thunderbird. Please read the Thunderbird 60.8.0 release notes for
specific security fixes in this release.
* Additional important security fixes up to Current Firefox 91.9 and
Thunderbird 91.9 ESR plus many enhancements have been backported. We
will continue to enhance SeaMonkey security in subsequent 2.53.x beta
and release versions as fast as we are able to.

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 15.3:

zypper in -t patch openSUSE-2022-150=1 openSUSE-SLE-15.3-2022-150=1

Package List:

- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):

aide-0.16-24.1
aide-debuginfo-0.16-24.1
aide-debugsource-0.16-24.1
aide-test-0.16-24.1

- openSUSE Leap 15.3 (i586 s390x x86_64):

seamonkey-2.53.12-lp153.17.8.2
seamonkey-debuginfo-2.53.12-lp153.17.8.2
seamonkey-debugsource-2.53.12-lp153.17.8.2
seamonkey-dom-inspector-2.53.12-lp153.17.8.2
seamonkey-irc-2.53.12-lp153.17.8.2

References:

https://www.suse.com/security/cve/CVE-2021-45417.html
https://bugzilla.suse.com/1194735



openSUSE-SU-2022:10002-1: important: Security update for librecad


openSUSE Security Update: Security update for librecad
_______________________________

Announcement ID: openSUSE-SU-2022:10002-1
Rating: important
References: #1195105 #1195122 #1197664
Cross-References: CVE-2021-45341 CVE-2021-45342
CVSS scores:
CVE-2021-45341 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-45342 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected Products:
openSUSE Backports SLE-15-SP4
_______________________________

An update that solves two vulnerabilities and has one
errata is now available.

Description:

This update for librecad fixes the following issues:

- CVE-2021-45341: Fixed a buffer overflow vulnerability in LibreCAD allows
an attacker to achieve remote code execution via a crafted JWW document
[boo#1195105]
- CVE-2021-45342: Fixed a buffer overflow vulnerability in jwwlib in
LibreCAD allows an attacker to achieve remote code execution via a
crafted JWW document [boo#1195122]

- Strip excess blank fields from librecad.desktop:MimeType [boo#1197664]

Update to 2.2.0-rc3

* major release
* DWG imports are more reliable now
* and a lot more of bugfixes and improvements

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Backports SLE-15-SP4:

zypper in -t patch openSUSE-2022-10002=1

Package List:

- openSUSE Backports SLE-15-SP4 (aarch64 i586 ppc64le s390x x86_64):

libdxfrw-debuginfo-1.0.1+git.20220109-bp154.2.3.1
libdxfrw-debugsource-1.0.1+git.20220109-bp154.2.3.1
libdxfrw-devel-1.0.1+git.20220109-bp154.2.3.1
libdxfrw-tools-1.0.1+git.20220109-bp154.2.3.1
libdxfrw-tools-debuginfo-1.0.1+git.20220109-bp154.2.3.1
libdxfrw1-1.0.1+git.20220109-bp154.2.3.1
libdxfrw1-debuginfo-1.0.1+git.20220109-bp154.2.3.1

- openSUSE Backports SLE-15-SP4 (aarch64 ppc64le s390x x86_64):

librecad-2.2.0~rc3-bp154.3.3.1

- openSUSE Backports SLE-15-SP4 (noarch):

librecad-parts-2.2.0~rc3-bp154.3.3.1

References:

https://www.suse.com/security/cve/CVE-2021-45341.html
https://www.suse.com/security/cve/CVE-2021-45342.html
https://bugzilla.suse.com/1195105
https://bugzilla.suse.com/1195122
https://bugzilla.suse.com/1197664



openSUSE-SU-2022:0148-1: important: Security update for varnish


openSUSE Security Update: Security update for varnish
_______________________________

Announcement ID: openSUSE-SU-2022:0148-1
Rating: important
References: #1181400 #1188470 #1195188
Cross-References: CVE-2021-36740 CVE-2022-23959
CVSS scores:
CVE-2021-36740 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
CVE-2021-36740 (SUSE): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-23959 (NVD) : 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
CVE-2022-23959 (SUSE): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

Affected Products:
openSUSE Backports SLE-15-SP3
_______________________________

An update that solves two vulnerabilities and has one
errata is now available.

Description:

This update for varnish fixes the following issues:

varnish was updated to release 7.1.0 [boo#1195188] [CVE-2022-23959]

* VCL: It is now possible to assign a BLOB value to a BODY variable, in
addition to STRING as before.
* VMOD: New STRING strftime(TIME time, STRING format) function for UTC
formatting.

Update to release 6.6.1

* CVE-2021-36740: Fix an HTTP/2.0 request smuggling vulnerability.
[boo#1188470]

Update to release 6.6.0:

* The ban_cutoff parameter now refers to the overall length of the ban
list, including completed bans, where before only non-completed
(???active???) bans were counted towards ban_cutoff.
* Body bytes accounting has been fixed to always represent the number of
body bytes moved on the wire, exclusive of protocol-specific overhead
like HTTP/1 chunked encoding or HTTP/2 framing.
* The connection close reason has been fixed to properly report
SC_RESP_CLOSE where previously only SC_REQ_CLOSE was reported.
* Unless the new validate_headers feature is disabled, all newly set
headers are now validated to contain only characters allowed by RFC7230.
* The filter_re, keep_re and get_re functions from the bundled cookie vmod
have been changed to take the VCL_REGEX type. This implies that their
regular expression arguments now need to be literal, not e.g. string.
* The interface for private pointers in VMODs has been changed, the VRT
backend interface has been changed, many filter (VDP/VFP) related
signatures have been changed, and the stevedore API has been changed.
(Details thereto, see online changelog.)

Update to release 6.5.1

* Bump the VRT_MAJOR_VERSION number defined in the vrt.h

Update to release 6.5.0

* `PRIV_TOP` is now thread-safe to support parallel ESI implementations.
* varnishstat's JSON output format (-j option) has been changed.
* Behavior for 304-type responses was changed not to update the
Content-Encoding response header of the stored object.

- Update Git-Web repository link

Update to release 6.4.0

* The MAIN.sess_drop counter is gone.
* backend "none" was added for "no backend".
* The hash algorithm of the hash director was changed, so backend
selection will change once only when upgrading.
* It is now possible for VMOD authors to customize the connection pooling
of a dynamic backend.
* For more, see changes.rst.

Update to release 6.3.2

* Fix a denial of service vulnerability when using the proxy protocol
version 2.

Update to release 6.3.0

* The Host: header is folded to lower-case in the builtin_vcl.
* Improved performance of shared memory statistics counters.
* Synthetic objects created from vcl_backend_error {} now replace existing
stale objects as ordinary backend fetches would (for details see
changes.rst)

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Backports SLE-15-SP3:

zypper in -t patch openSUSE-2022-148=1

Package List:

- openSUSE Backports SLE-15-SP3 (aarch64 i586 ppc64le s390x x86_64):

libvarnishapi3-7.1.0-bp153.2.3.1
varnish-7.1.0-bp153.2.3.1
varnish-devel-7.1.0-bp153.2.3.1

References:

https://www.suse.com/security/cve/CVE-2021-36740.html
https://www.suse.com/security/cve/CVE-2022-23959.html
https://bugzilla.suse.com/1181400
https://bugzilla.suse.com/1188470
https://bugzilla.suse.com/1195188



openSUSE-SU-2022:0149-1: moderate: Security update for libredwg


SUSE Security Update: Security update for libredwg
_______________________________

Announcement ID: openSUSE-SU-2022:0149-1
Rating: moderate
References: #1193372 #1194767
Cross-References: CVE-2021-28237 CVE-2022-21658
CVSS scores:
CVE-2022-21658 (NVD) : 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H
CVE-2022-21658 (SUSE): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Affected Products:
openSUSE Backports SLE-15-SP3
openSUSE Leap 15.3
_______________________________

An update that fixes two vulnerabilities is now available.

Description:

This update for libredwg fixes the following issues:

Update to release 0.12.5 [boo#1193372] [CVE-2021-28237]

* Restricted accepted DXF objects to all stable and unstable classes,
minus MATERIAL, ARC_DIMENSION, SUN, PROXY*. I.e. most unstable objects
do not allow unknown DXF codes anymore. This fixed most oss-fuzz errors.

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 15.3:

zypper in -t patch openSUSE-SLE-15.3-2022-149=1

- openSUSE Backports SLE-15-SP3:

zypper in -t patch openSUSE-2022-149=1

Package List:

- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):

cargo1.56-1.56.1-150300.7.6.1
cargo1.56-debuginfo-1.56.1-150300.7.6.1
rust1.56-1.56.1-150300.7.6.1
rust1.56-debuginfo-1.56.1-150300.7.6.1

- openSUSE Backports SLE-15-SP3 (aarch64 i586 ppc64le s390x x86_64):

libredwg-devel-0.12.5-bp153.2.3.1
libredwg-tools-0.12.5-bp153.2.3.1
libredwg0-0.12.5-bp153.2.3.1

References:

https://www.suse.com/security/cve/CVE-2021-28237.html
https://www.suse.com/security/cve/CVE-2022-21658.html
https://bugzilla.suse.com/1193372
https://bugzilla.suse.com/1194767