SUSE-SU-2024:3540-1: moderate: Security update for Mesa
SUSE-SU-2024:3543-1: moderate: Security update for json-lib
SUSE-SU-2024:3544-1: moderate: Security update for Mesa
SUSE-SU-2024:3545-1: moderate: Security update for buildah
SUSE-SU-2024:3546-1: moderate: Security update for podman
SUSE-SU-2024:3548-1: moderate: Security update for Mesa
SUSE-SU-2024:3549-1: important: Security update for redis7
SUSE-SU-2024:3547-1: important: Security update for the Linux Kernel
SUSE-SU-2024:3550-1: moderate: Security update for podofo
SUSE-SU-2024:3551-1: important: Security update for the Linux Kernel
SUSE-SU-2024:3552-1: moderate: Security update for pgadmin4
openSUSE-SU-2024:14386-1: moderate: rusty_v8-0.106.0-1.1 on GA media
SUSE-SU-2024:3540-1: moderate: Security update for Mesa
# Security update for Mesa
Announcement ID: SUSE-SU-2024:3540-1
Release Date: 2024-10-08T08:30:31Z
Rating: moderate
References:
* bsc#1222040
* bsc#1222041
* bsc#1222042
Cross-References:
* CVE-2023-45913
* CVE-2023-45919
* CVE-2023-45922
CVSS scores:
* CVE-2023-45913 ( SUSE ): 4.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H
* CVE-2023-45919 ( SUSE ): 4.8 CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:L/I:N/A:H
* CVE-2023-45922 ( SUSE ): 4.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H
Affected Products:
* Basesystem Module 15-SP6
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Linux Enterprise Workstation Extension 15 SP6
* SUSE Package Hub 15 15-SP6
An update that solves three vulnerabilities can now be installed.
## Description:
This update for Mesa fixes the following issues:
* CVE-2023-45913: Fixed NULL pointer dereference via
dri2GetGlxDrawableFromXDrawableId() (bsc#1222040)
* CVE-2023-45919: Fixed buffer over-read in glXQueryServerString()
(bsc#1222041)
* CVE-2023-45922: Fixed segmentation violation in __glXGetDrawableAttribute()
(bsc#1222042)
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* SUSE Package Hub 15 15-SP6
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-3540=1
* SUSE Linux Enterprise Workstation Extension 15 SP6
zypper in -t patch SUSE-SLE-Product-WE-15-SP6-2024-3540=1
* openSUSE Leap 15.6
zypper in -t patch SUSE-2024-3540=1 openSUSE-SLE-15.6-2024-3540=1
* Basesystem Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-3540=1
## Package List:
* SUSE Package Hub 15 15-SP6 (x86_64)
* libOSMesa8-32bit-debuginfo-23.3.4-150600.83.3.1
* Mesa-debugsource-23.3.4-150600.83.3.1
* libOSMesa8-32bit-23.3.4-150600.83.3.1
* SUSE Linux Enterprise Workstation Extension 15 SP6 (x86_64)
* Mesa-dri-nouveau-23.3.4-150600.83.3.1
* Mesa-dri-nouveau-debuginfo-23.3.4-150600.83.3.1
* libvdpau_nouveau-debuginfo-23.3.4-150600.83.3.1
* Mesa-drivers-debugsource-23.3.4-150600.83.3.1
* libvdpau_nouveau-23.3.4-150600.83.3.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
* libgbm-devel-23.3.4-150600.83.3.1
* Mesa-libglapi0-23.3.4-150600.83.3.1
* libOSMesa8-23.3.4-150600.83.3.1
* Mesa-libglapi-devel-23.3.4-150600.83.3.1
* Mesa-drivers-debugsource-23.3.4-150600.83.3.1
* libOSMesa8-debuginfo-23.3.4-150600.83.3.1
* Mesa-libGL1-23.3.4-150600.83.3.1
* Mesa-libGL-devel-23.3.4-150600.83.3.1
* Mesa-devel-23.3.4-150600.83.3.1
* Mesa-KHR-devel-23.3.4-150600.83.3.1
* Mesa-debugsource-23.3.4-150600.83.3.1
* Mesa-libGLESv1_CM-devel-23.3.4-150600.83.3.1
* Mesa-dri-23.3.4-150600.83.3.1
* libgbm1-23.3.4-150600.83.3.1
* Mesa-dri-devel-23.3.4-150600.83.3.1
* Mesa-libGLESv3-devel-23.3.4-150600.83.3.1
* Mesa-libEGL-devel-23.3.4-150600.83.3.1
* Mesa-23.3.4-150600.83.3.1
* Mesa-dri-debuginfo-23.3.4-150600.83.3.1
* Mesa-libglapi0-debuginfo-23.3.4-150600.83.3.1
* libOSMesa-devel-23.3.4-150600.83.3.1
* Mesa-libGLESv2-devel-23.3.4-150600.83.3.1
* libgbm1-debuginfo-23.3.4-150600.83.3.1
* Mesa-libGL1-debuginfo-23.3.4-150600.83.3.1
* Mesa-libEGL1-23.3.4-150600.83.3.1
* Mesa-libEGL1-debuginfo-23.3.4-150600.83.3.1
* openSUSE Leap 15.6 (x86_64)
* Mesa-libEGL-devel-32bit-23.3.4-150600.83.3.1
* Mesa-libGL1-32bit-debuginfo-23.3.4-150600.83.3.1
* libOSMesa8-32bit-23.3.4-150600.83.3.1
* Mesa-vulkan-overlay-32bit-debuginfo-23.3.4-150600.83.3.1
* libvulkan_radeon-32bit-23.3.4-150600.83.3.1
* Mesa-libd3d-32bit-debuginfo-23.3.4-150600.83.3.1
* libvdpau_radeonsi-32bit-23.3.4-150600.83.3.1
* Mesa-dri-32bit-23.3.4-150600.83.3.1
* Mesa-libglapi0-32bit-23.3.4-150600.83.3.1
* libvulkan_radeon-32bit-debuginfo-23.3.4-150600.83.3.1
* libvdpau_r600-32bit-23.3.4-150600.83.3.1
* libgbm1-32bit-debuginfo-23.3.4-150600.83.3.1
* Mesa-libd3d-devel-32bit-23.3.4-150600.83.3.1
* Mesa-vulkan-device-select-32bit-debuginfo-23.3.4-150600.83.3.1
* Mesa-libGLESv1_CM-devel-32bit-23.3.4-150600.83.3.1
* Mesa-dri-32bit-debuginfo-23.3.4-150600.83.3.1
* libvulkan_intel-32bit-23.3.4-150600.83.3.1
* Mesa-dri-nouveau-32bit-debuginfo-23.3.4-150600.83.3.1
* Mesa-32bit-23.3.4-150600.83.3.1
* libvdpau_nouveau-32bit-debuginfo-23.3.4-150600.83.3.1
* Mesa-libEGL1-32bit-debuginfo-23.3.4-150600.83.3.1
* Mesa-libGL1-32bit-23.3.4-150600.83.3.1
* Mesa-libGLESv2-devel-32bit-23.3.4-150600.83.3.1
* Mesa-vulkan-overlay-32bit-23.3.4-150600.83.3.1
* Mesa-gallium-32bit-debuginfo-23.3.4-150600.83.3.1
* Mesa-libEGL1-32bit-23.3.4-150600.83.3.1
* Mesa-libglapi0-32bit-debuginfo-23.3.4-150600.83.3.1
* Mesa-gallium-32bit-23.3.4-150600.83.3.1
* libvdpau_virtio_gpu-32bit-23.3.4-150600.83.3.1
* Mesa-libglapi-devel-32bit-23.3.4-150600.83.3.1
* libOSMesa8-32bit-debuginfo-23.3.4-150600.83.3.1
* Mesa-libd3d-32bit-23.3.4-150600.83.3.1
* Mesa-dri-nouveau-32bit-23.3.4-150600.83.3.1
* Mesa-libGL-devel-32bit-23.3.4-150600.83.3.1
* libvdpau_nouveau-32bit-23.3.4-150600.83.3.1
* libvdpau_virtio_gpu-32bit-debuginfo-23.3.4-150600.83.3.1
* Mesa-vulkan-device-select-32bit-23.3.4-150600.83.3.1
* libvdpau_radeonsi-32bit-debuginfo-23.3.4-150600.83.3.1
* libgbm-devel-32bit-23.3.4-150600.83.3.1
* libvdpau_r600-32bit-debuginfo-23.3.4-150600.83.3.1
* libvulkan_intel-32bit-debuginfo-23.3.4-150600.83.3.1
* libOSMesa-devel-32bit-23.3.4-150600.83.3.1
* libgbm1-32bit-23.3.4-150600.83.3.1
* openSUSE Leap 15.6 (aarch64 ppc64le x86_64 i586)
* Mesa-dri-nouveau-23.3.4-150600.83.3.1
* libvdpau_r600-debuginfo-23.3.4-150600.83.3.1
* libvdpau_virtio_gpu-debuginfo-23.3.4-150600.83.3.1
* Mesa-gallium-debuginfo-23.3.4-150600.83.3.1
* libxatracker2-1.0.0-150600.83.3.1
* libvdpau_radeonsi-23.3.4-150600.83.3.1
* Mesa-gallium-23.3.4-150600.83.3.1
* Mesa-dri-nouveau-debuginfo-23.3.4-150600.83.3.1
* libvdpau_nouveau-debuginfo-23.3.4-150600.83.3.1
* libxatracker2-debuginfo-1.0.0-150600.83.3.1
* Mesa-libOpenCL-debuginfo-23.3.4-150600.83.3.1
* libvdpau_r600-23.3.4-150600.83.3.1
* Mesa-libva-debuginfo-23.3.4-150600.83.3.1
* Mesa-libva-23.3.4-150600.83.3.1
* libvdpau_radeonsi-debuginfo-23.3.4-150600.83.3.1
* libvdpau_nouveau-23.3.4-150600.83.3.1
* libvdpau_virtio_gpu-23.3.4-150600.83.3.1
* Mesa-libOpenCL-23.3.4-150600.83.3.1
* libxatracker-devel-1.0.0-150600.83.3.1
* openSUSE Leap 15.6 (x86_64 i586)
* Mesa-libd3d-23.3.4-150600.83.3.1
* libvulkan_intel-debuginfo-23.3.4-150600.83.3.1
* Mesa-libd3d-debuginfo-23.3.4-150600.83.3.1
* Mesa-libd3d-devel-23.3.4-150600.83.3.1
* libvulkan_intel-23.3.4-150600.83.3.1
* openSUSE Leap 15.6 (aarch64 x86_64 i586)
* Mesa-vulkan-overlay-23.3.4-150600.83.3.1
* libvulkan_radeon-23.3.4-150600.83.3.1
* Mesa-vulkan-device-select-23.3.4-150600.83.3.1
* Mesa-vulkan-overlay-debuginfo-23.3.4-150600.83.3.1
* Mesa-vulkan-device-select-debuginfo-23.3.4-150600.83.3.1
* libvulkan_lvp-23.3.4-150600.83.3.1
* libvulkan_lvp-debuginfo-23.3.4-150600.83.3.1
* libvulkan_radeon-debuginfo-23.3.4-150600.83.3.1
* openSUSE Leap 15.6 (aarch64_ilp32)
* Mesa-vulkan-device-select-64bit-23.3.4-150600.83.3.1
* Mesa-libEGL1-64bit-23.3.4-150600.83.3.1
* libvdpau_radeonsi-64bit-debuginfo-23.3.4-150600.83.3.1
* Mesa-64bit-23.3.4-150600.83.3.1
* Mesa-libglapi0-64bit-debuginfo-23.3.4-150600.83.3.1
* Mesa-libGL1-64bit-23.3.4-150600.83.3.1
* Mesa-dri-nouveau-64bit-debuginfo-23.3.4-150600.83.3.1
* libvdpau_virtio_gpu-64bit-debuginfo-23.3.4-150600.83.3.1
* Mesa-libGLESv1_CM-devel-64bit-23.3.4-150600.83.3.1
* Mesa-libglapi-devel-64bit-23.3.4-150600.83.3.1
* Mesa-vulkan-device-select-64bit-debuginfo-23.3.4-150600.83.3.1
* libOSMesa-devel-64bit-23.3.4-150600.83.3.1
* Mesa-libGL1-64bit-debuginfo-23.3.4-150600.83.3.1
* libvdpau_r600-64bit-23.3.4-150600.83.3.1
* libgbm1-64bit-23.3.4-150600.83.3.1
* Mesa-libGL-devel-64bit-23.3.4-150600.83.3.1
* libvulkan_radeon-64bit-23.3.4-150600.83.3.1
* libvdpau_r600-64bit-debuginfo-23.3.4-150600.83.3.1
* Mesa-dri-64bit-debuginfo-23.3.4-150600.83.3.1
* Mesa-dri-vc4-64bit-23.3.4-150600.83.3.1
* libOSMesa8-64bit-debuginfo-23.3.4-150600.83.3.1
* libgbm-devel-64bit-23.3.4-150600.83.3.1
* Mesa-libEGL1-64bit-debuginfo-23.3.4-150600.83.3.1
* libvdpau_virtio_gpu-64bit-23.3.4-150600.83.3.1
* Mesa-vulkan-overlay-64bit-debuginfo-23.3.4-150600.83.3.1
* libvdpau_radeonsi-64bit-23.3.4-150600.83.3.1
* Mesa-dri-nouveau-64bit-23.3.4-150600.83.3.1
* libgbm1-64bit-debuginfo-23.3.4-150600.83.3.1
* Mesa-vulkan-overlay-64bit-23.3.4-150600.83.3.1
* libvulkan_radeon-64bit-debuginfo-23.3.4-150600.83.3.1
* Mesa-dri-vc4-64bit-debuginfo-23.3.4-150600.83.3.1
* libvdpau_nouveau-64bit-debuginfo-23.3.4-150600.83.3.1
* libvdpau_nouveau-64bit-23.3.4-150600.83.3.1
* Mesa-gallium-64bit-debuginfo-23.3.4-150600.83.3.1
* Mesa-libGLESv2-devel-64bit-23.3.4-150600.83.3.1
* Mesa-libEGL-devel-64bit-23.3.4-150600.83.3.1
* Mesa-dri-64bit-23.3.4-150600.83.3.1
* Mesa-gallium-64bit-23.3.4-150600.83.3.1
* libOSMesa8-64bit-23.3.4-150600.83.3.1
* Mesa-libglapi0-64bit-23.3.4-150600.83.3.1
* openSUSE Leap 15.6 (aarch64)
* libvulkan_freedreno-debuginfo-23.3.4-150600.83.3.1
* libvulkan_broadcom-23.3.4-150600.83.3.1
* libvulkan_broadcom-debuginfo-23.3.4-150600.83.3.1
* Mesa-dri-vc4-debuginfo-23.3.4-150600.83.3.1
* libvulkan_freedreno-23.3.4-150600.83.3.1
* Mesa-dri-vc4-23.3.4-150600.83.3.1
* Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* libgbm-devel-23.3.4-150600.83.3.1
* Mesa-libglapi0-23.3.4-150600.83.3.1
* libOSMesa8-23.3.4-150600.83.3.1
* Mesa-libglapi-devel-23.3.4-150600.83.3.1
* Mesa-drivers-debugsource-23.3.4-150600.83.3.1
* libOSMesa8-debuginfo-23.3.4-150600.83.3.1
* Mesa-libGL1-23.3.4-150600.83.3.1
* Mesa-libGL-devel-23.3.4-150600.83.3.1
* Mesa-devel-23.3.4-150600.83.3.1
* Mesa-KHR-devel-23.3.4-150600.83.3.1
* Mesa-debugsource-23.3.4-150600.83.3.1
* Mesa-libGLESv1_CM-devel-23.3.4-150600.83.3.1
* Mesa-dri-23.3.4-150600.83.3.1
* libgbm1-23.3.4-150600.83.3.1
* Mesa-dri-devel-23.3.4-150600.83.3.1
* Mesa-libGLESv3-devel-23.3.4-150600.83.3.1
* Mesa-libEGL-devel-23.3.4-150600.83.3.1
* Mesa-23.3.4-150600.83.3.1
* Mesa-dri-debuginfo-23.3.4-150600.83.3.1
* Mesa-libglapi0-debuginfo-23.3.4-150600.83.3.1
* libOSMesa-devel-23.3.4-150600.83.3.1
* Mesa-libGLESv2-devel-23.3.4-150600.83.3.1
* libgbm1-debuginfo-23.3.4-150600.83.3.1
* Mesa-libGL1-debuginfo-23.3.4-150600.83.3.1
* Mesa-libEGL1-23.3.4-150600.83.3.1
* Mesa-libEGL1-debuginfo-23.3.4-150600.83.3.1
* Basesystem Module 15-SP6 (aarch64 ppc64le x86_64)
* libvdpau_r600-debuginfo-23.3.4-150600.83.3.1
* libvdpau_virtio_gpu-debuginfo-23.3.4-150600.83.3.1
* Mesa-gallium-debuginfo-23.3.4-150600.83.3.1
* Mesa-gallium-23.3.4-150600.83.3.1
* libxatracker2-debuginfo-1.0.0-150600.83.3.1
* libvdpau_r600-23.3.4-150600.83.3.1
* Mesa-libva-debuginfo-23.3.4-150600.83.3.1
* Mesa-libva-23.3.4-150600.83.3.1
* libvdpau_virtio_gpu-23.3.4-150600.83.3.1
* libxatracker2-1.0.0-150600.83.3.1
* libxatracker-devel-1.0.0-150600.83.3.1
* Basesystem Module 15-SP6 (aarch64 x86_64)
* Mesa-vulkan-overlay-23.3.4-150600.83.3.1
* libvulkan_radeon-23.3.4-150600.83.3.1
* Mesa-vulkan-device-select-23.3.4-150600.83.3.1
* Mesa-vulkan-overlay-debuginfo-23.3.4-150600.83.3.1
* Mesa-vulkan-device-select-debuginfo-23.3.4-150600.83.3.1
* libvulkan_lvp-23.3.4-150600.83.3.1
* libvulkan_lvp-debuginfo-23.3.4-150600.83.3.1
* libvulkan_radeon-debuginfo-23.3.4-150600.83.3.1
* Basesystem Module 15-SP6 (x86_64)
* Mesa-libd3d-23.3.4-150600.83.3.1
* libvulkan_intel-debuginfo-23.3.4-150600.83.3.1
* Mesa-libd3d-debuginfo-23.3.4-150600.83.3.1
* Mesa-gallium-32bit-debuginfo-23.3.4-150600.83.3.1
* Mesa-libGL1-32bit-debuginfo-23.3.4-150600.83.3.1
* Mesa-libEGL1-32bit-23.3.4-150600.83.3.1
* Mesa-libglapi0-32bit-debuginfo-23.3.4-150600.83.3.1
* Mesa-gallium-32bit-23.3.4-150600.83.3.1
* Mesa-libd3d-devel-23.3.4-150600.83.3.1
* Mesa-dri-32bit-debuginfo-23.3.4-150600.83.3.1
* libvulkan_intel-23.3.4-150600.83.3.1
* libgbm1-32bit-debuginfo-23.3.4-150600.83.3.1
* libvdpau_radeonsi-debuginfo-23.3.4-150600.83.3.1
* Mesa-dri-32bit-23.3.4-150600.83.3.1
* Mesa-32bit-23.3.4-150600.83.3.1
* libvdpau_radeonsi-23.3.4-150600.83.3.1
* Mesa-libEGL1-32bit-debuginfo-23.3.4-150600.83.3.1
* Mesa-libglapi0-32bit-23.3.4-150600.83.3.1
* Mesa-libGL1-32bit-23.3.4-150600.83.3.1
* libgbm1-32bit-23.3.4-150600.83.3.1
## References:
* https://www.suse.com/security/cve/CVE-2023-45913.html
* https://www.suse.com/security/cve/CVE-2023-45919.html
* https://www.suse.com/security/cve/CVE-2023-45922.html
* https://bugzilla.suse.com/show_bug.cgi?id=1222040
* https://bugzilla.suse.com/show_bug.cgi?id=1222041
* https://bugzilla.suse.com/show_bug.cgi?id=1222042
SUSE-SU-2024:3543-1: moderate: Security update for json-lib
# Security update for json-lib
Announcement ID: SUSE-SU-2024:3543-1
Release Date: 2024-10-08T13:33:40Z
Rating: moderate
References:
* bsc#1231295
Cross-References:
* CVE-2024-47855
CVSS scores:
* CVE-2024-47855 ( SUSE ): 5.1
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2024-47855 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Affected Products:
* openSUSE Leap 15.5
* openSUSE Leap 15.6
An update that solves one vulnerability can now be installed.
## Description:
This update for json-lib fixes the following issues:
* CVE-2024-47855: Fixed mishandled unbalanced comment string (bsc#1231295)
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2024-3543=1
* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2024-3543=1
## Package List:
* openSUSE Leap 15.5 (noarch)
* jenkins-json-lib-2.4-150200.3.7.1
* json-lib-2.4-150200.3.7.1
* json-lib-javadoc-2.4-150200.3.7.1
* openSUSE Leap 15.6 (noarch)
* jenkins-json-lib-2.4-150200.3.7.1
* json-lib-2.4-150200.3.7.1
* json-lib-javadoc-2.4-150200.3.7.1
## References:
* https://www.suse.com/security/cve/CVE-2024-47855.html
* https://bugzilla.suse.com/show_bug.cgi?id=1231295
SUSE-SU-2024:3544-1: moderate: Security update for Mesa
# Security update for Mesa
Announcement ID: SUSE-SU-2024:3544-1
Release Date: 2024-10-08T14:04:06Z
Rating: moderate
References:
* bsc#1222040
* bsc#1222041
* bsc#1222042
Cross-References:
* CVE-2023-45913
* CVE-2023-45919
* CVE-2023-45922
CVSS scores:
* CVE-2023-45913 ( SUSE ): 4.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H
* CVE-2023-45919 ( SUSE ): 4.8 CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:L/I:N/A:H
* CVE-2023-45922 ( SUSE ): 4.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H
Affected Products:
* Basesystem Module 15-SP5
* Basesystem Module 15-SP6
* openSUSE Leap 15.4
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro for Rancher 5.3
* SUSE Linux Enterprise Micro for Rancher 5.4
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Linux Enterprise Workstation Extension 15 SP5
* SUSE Linux Enterprise Workstation Extension 15 SP6
An update that solves three vulnerabilities can now be installed.
## Description:
This update for Mesa fixes the following issues:
* CVE-2023-45919: Fixed buffer over-read in glXQueryServerString()
(bsc#1222041).
* CVE-2023-45913: Fixed NULL pointer dereference via
dri2GetGlxDrawableFromXDrawableId() (bsc#1222040).
* CVE-2023-45922: Fixed segmentation violation in __glXGetDrawableAttribute()
(bsc#CVE-2023-45922).
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.4
zypper in -t patch SUSE-2024-3544=1
* SUSE Linux Enterprise Micro for Rancher 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2024-3544=1
* SUSE Linux Enterprise Micro 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2024-3544=1
* SUSE Linux Enterprise Micro for Rancher 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2024-3544=1
* SUSE Linux Enterprise Micro 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2024-3544=1
* Basesystem Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-3544=1
* Basesystem Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-3544=1
* SUSE Linux Enterprise Workstation Extension 15 SP5
zypper in -t patch SUSE-SLE-Product-WE-15-SP5-2024-3544=1
* SUSE Linux Enterprise Workstation Extension 15 SP6
zypper in -t patch SUSE-SLE-Product-WE-15-SP6-2024-3544=1
## Package List:
* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
* Mesa-libGLESv1_CM-devel-21.2.4-150400.68.15.1
* Mesa-KHR-devel-21.2.4-150400.68.15.1
* libOSMesa8-debuginfo-21.2.4-150400.68.15.1
* Mesa-libEGL1-21.2.4-150400.68.15.1
* libgbm-devel-21.2.4-150400.68.15.1
* Mesa-libglapi0-21.2.4-150400.68.15.1
* Mesa-libGLESv3-devel-21.2.4-150400.68.15.1
* Mesa-libGL1-21.2.4-150400.68.15.1
* Mesa-devel-21.2.4-150400.68.15.1
* Mesa-dri-debuginfo-21.2.4-150400.68.15.1
* libgbm1-debuginfo-21.2.4-150400.68.15.1
* Mesa-libEGL1-debuginfo-21.2.4-150400.68.15.1
* Mesa-libGL1-debuginfo-21.2.4-150400.68.15.1
* libOSMesa8-21.2.4-150400.68.15.1
* Mesa-libglapi0-debuginfo-21.2.4-150400.68.15.1
* Mesa-libGLESv2-devel-21.2.4-150400.68.15.1
* Mesa-21.2.4-150400.68.15.1
* Mesa-libGL-devel-21.2.4-150400.68.15.1
* Mesa-dri-devel-21.2.4-150400.68.15.1
* libOSMesa-devel-21.2.4-150400.68.15.1
* Mesa-dri-21.2.4-150400.68.15.1
* Mesa-libglapi-devel-21.2.4-150400.68.15.1
* Mesa-drivers-debugsource-21.2.4-150400.68.15.1
* Mesa-libEGL-devel-21.2.4-150400.68.15.1
* libgbm1-21.2.4-150400.68.15.1
* Mesa-debugsource-21.2.4-150400.68.15.1
* openSUSE Leap 15.4 (x86_64)
* libvulkan_intel-32bit-21.2.4-150400.68.15.1
* Mesa-vulkan-overlay-32bit-21.2.4-150400.68.15.1
* libgbm-devel-32bit-21.2.4-150400.68.15.1
* libgbm1-32bit-debuginfo-21.2.4-150400.68.15.1
* libvulkan_radeon-32bit-debuginfo-21.2.4-150400.68.15.1
* Mesa-dri-32bit-21.2.4-150400.68.15.1
* libvdpau_radeonsi-32bit-21.2.4-150400.68.15.1
* libgbm1-32bit-21.2.4-150400.68.15.1
* libXvMC_nouveau-32bit-21.2.4-150400.68.15.1
* Mesa-libGL-devel-32bit-21.2.4-150400.68.15.1
* Mesa-libd3d-devel-32bit-21.2.4-150400.68.15.1
* Mesa-libglapi-devel-32bit-21.2.4-150400.68.15.1
* Mesa-libGLESv2-devel-32bit-21.2.4-150400.68.15.1
* Mesa-dri-32bit-debuginfo-21.2.4-150400.68.15.1
* Mesa-libGLESv1_CM-devel-32bit-21.2.4-150400.68.15.1
* libXvMC_nouveau-32bit-debuginfo-21.2.4-150400.68.15.1
* libvulkan_radeon-32bit-21.2.4-150400.68.15.1
* Mesa-libd3d-32bit-21.2.4-150400.68.15.1
* Mesa-libGL1-32bit-21.2.4-150400.68.15.1
* Mesa-libglapi0-32bit-debuginfo-21.2.4-150400.68.15.1
* libvdpau_r600-32bit-debuginfo-21.2.4-150400.68.15.1
* libvdpau_radeonsi-32bit-debuginfo-21.2.4-150400.68.15.1
* libvdpau_r600-32bit-21.2.4-150400.68.15.1
* Mesa-vulkan-overlay-32bit-debuginfo-21.2.4-150400.68.15.1
* libvdpau_nouveau-32bit-debuginfo-21.2.4-150400.68.15.1
* libOSMesa-devel-32bit-21.2.4-150400.68.15.1
* libOSMesa8-32bit-21.2.4-150400.68.15.1
* Mesa-dri-nouveau-32bit-debuginfo-21.2.4-150400.68.15.1
* Mesa-32bit-21.2.4-150400.68.15.1
* libvdpau_r300-32bit-debuginfo-21.2.4-150400.68.15.1
* libvdpau_r300-32bit-21.2.4-150400.68.15.1
* Mesa-libEGL1-32bit-21.2.4-150400.68.15.1
* Mesa-libGL1-32bit-debuginfo-21.2.4-150400.68.15.1
* Mesa-libglapi0-32bit-21.2.4-150400.68.15.1
* Mesa-gallium-32bit-21.2.4-150400.68.15.1
* Mesa-libEGL-devel-32bit-21.2.4-150400.68.15.1
* Mesa-dri-nouveau-32bit-21.2.4-150400.68.15.1
* Mesa-vulkan-device-select-32bit-debuginfo-21.2.4-150400.68.15.1
* Mesa-vulkan-device-select-32bit-21.2.4-150400.68.15.1
* libvdpau_nouveau-32bit-21.2.4-150400.68.15.1
* Mesa-gallium-32bit-debuginfo-21.2.4-150400.68.15.1
* libXvMC_r600-32bit-21.2.4-150400.68.15.1
* libvulkan_intel-32bit-debuginfo-21.2.4-150400.68.15.1
* Mesa-libEGL1-32bit-debuginfo-21.2.4-150400.68.15.1
* libOSMesa8-32bit-debuginfo-21.2.4-150400.68.15.1
* Mesa-libd3d-32bit-debuginfo-21.2.4-150400.68.15.1
* libXvMC_r600-32bit-debuginfo-21.2.4-150400.68.15.1
* openSUSE Leap 15.4 (aarch64 ppc64le x86_64 i586)
* libvdpau_nouveau-debuginfo-21.2.4-150400.68.15.1
* libvdpau_r300-21.2.4-150400.68.15.1
* libvdpau_radeonsi-21.2.4-150400.68.15.1
* Mesa-libva-debuginfo-21.2.4-150400.68.15.1
* libvdpau_r600-debuginfo-21.2.4-150400.68.15.1
* libXvMC_nouveau-debuginfo-21.2.4-150400.68.15.1
* libvdpau_r600-21.2.4-150400.68.15.1
* libvdpau_r300-debuginfo-21.2.4-150400.68.15.1
* libXvMC_r600-21.2.4-150400.68.15.1
* libvdpau_radeonsi-debuginfo-21.2.4-150400.68.15.1
* libXvMC_nouveau-21.2.4-150400.68.15.1
* Mesa-libOpenCL-21.2.4-150400.68.15.1
* libxatracker2-debuginfo-1.0.0-150400.68.15.1
* libXvMC_r600-debuginfo-21.2.4-150400.68.15.1
* Mesa-libva-21.2.4-150400.68.15.1
* Mesa-dri-nouveau-21.2.4-150400.68.15.1
* Mesa-libOpenCL-debuginfo-21.2.4-150400.68.15.1
* libxatracker2-1.0.0-150400.68.15.1
* Mesa-gallium-debuginfo-21.2.4-150400.68.15.1
* libxatracker-devel-1.0.0-150400.68.15.1
* Mesa-gallium-21.2.4-150400.68.15.1
* Mesa-dri-nouveau-debuginfo-21.2.4-150400.68.15.1
* libvdpau_nouveau-21.2.4-150400.68.15.1
* openSUSE Leap 15.4 (aarch64 x86_64 i586)
* libvulkan_lvp-21.2.4-150400.68.15.1
* Mesa-libVulkan-devel-21.2.4-150400.68.15.1
* Mesa-vulkan-overlay-21.2.4-150400.68.15.1
* Mesa-libd3d-devel-21.2.4-150400.68.15.1
* Mesa-vulkan-overlay-debuginfo-21.2.4-150400.68.15.1
* libvulkan_lvp-debuginfo-21.2.4-150400.68.15.1
* Mesa-libd3d-debuginfo-21.2.4-150400.68.15.1
* libvulkan_radeon-debuginfo-21.2.4-150400.68.15.1
* Mesa-vulkan-device-select-21.2.4-150400.68.15.1
* Mesa-libd3d-21.2.4-150400.68.15.1
* libvulkan_radeon-21.2.4-150400.68.15.1
* Mesa-vulkan-device-select-debuginfo-21.2.4-150400.68.15.1
* openSUSE Leap 15.4 (x86_64 i586)
* libvulkan_intel-21.2.4-150400.68.15.1
* libvulkan_intel-debuginfo-21.2.4-150400.68.15.1
* openSUSE Leap 15.4 (aarch64_ilp32)
* libXvMC_nouveau-64bit-21.2.4-150400.68.15.1
* libvdpau_radeonsi-64bit-21.2.4-150400.68.15.1
* libvdpau_r600-64bit-21.2.4-150400.68.15.1
* libOSMesa8-64bit-21.2.4-150400.68.15.1
* Mesa-libEGL-devel-64bit-21.2.4-150400.68.15.1
* Mesa-64bit-21.2.4-150400.68.15.1
* Mesa-libglapi0-64bit-debuginfo-21.2.4-150400.68.15.1
* libXvMC_r600-64bit-21.2.4-150400.68.15.1
* libvdpau_r300-64bit-debuginfo-21.2.4-150400.68.15.1
* Mesa-libGLESv1_CM-devel-64bit-21.2.4-150400.68.15.1
* libvdpau_nouveau-64bit-debuginfo-21.2.4-150400.68.15.1
* Mesa-libGL-devel-64bit-21.2.4-150400.68.15.1
* libvdpau_radeonsi-64bit-debuginfo-21.2.4-150400.68.15.1
* libvulkan_radeon-64bit-debuginfo-21.2.4-150400.68.15.1
* Mesa-libd3d-devel-64bit-21.2.4-150400.68.15.1
* libXvMC_r600-64bit-debuginfo-21.2.4-150400.68.15.1
* libgbm-devel-64bit-21.2.4-150400.68.15.1
* libgbm1-64bit-21.2.4-150400.68.15.1
* Mesa-dri-vc4-64bit-21.2.4-150400.68.15.1
* Mesa-dri-vc4-64bit-debuginfo-21.2.4-150400.68.15.1
* libvdpau_r600-64bit-debuginfo-21.2.4-150400.68.15.1
* Mesa-libGL1-64bit-21.2.4-150400.68.15.1
* libOSMesa-devel-64bit-21.2.4-150400.68.15.1
* Mesa-libGLESv2-devel-64bit-21.2.4-150400.68.15.1
* libOSMesa8-64bit-debuginfo-21.2.4-150400.68.15.1
* Mesa-libGL1-64bit-debuginfo-21.2.4-150400.68.15.1
* Mesa-libglapi-devel-64bit-21.2.4-150400.68.15.1
* Mesa-libEGL1-64bit-21.2.4-150400.68.15.1
* Mesa-libglapi0-64bit-21.2.4-150400.68.15.1
* libvulkan_radeon-64bit-21.2.4-150400.68.15.1
* Mesa-dri-64bit-21.2.4-150400.68.15.1
* libvdpau_r300-64bit-21.2.4-150400.68.15.1
* Mesa-dri-nouveau-64bit-21.2.4-150400.68.15.1
* Mesa-libEGL1-64bit-debuginfo-21.2.4-150400.68.15.1
* Mesa-vulkan-overlay-64bit-debuginfo-21.2.4-150400.68.15.1
* Mesa-dri-64bit-debuginfo-21.2.4-150400.68.15.1
* Mesa-vulkan-device-select-64bit-21.2.4-150400.68.15.1
* Mesa-dri-nouveau-64bit-debuginfo-21.2.4-150400.68.15.1
* Mesa-gallium-64bit-debuginfo-21.2.4-150400.68.15.1
* Mesa-vulkan-device-select-64bit-debuginfo-21.2.4-150400.68.15.1
* Mesa-libd3d-64bit-debuginfo-21.2.4-150400.68.15.1
* Mesa-vulkan-overlay-64bit-21.2.4-150400.68.15.1
* libgbm1-64bit-debuginfo-21.2.4-150400.68.15.1
* Mesa-libd3d-64bit-21.2.4-150400.68.15.1
* libvdpau_nouveau-64bit-21.2.4-150400.68.15.1
* Mesa-gallium-64bit-21.2.4-150400.68.15.1
* libXvMC_nouveau-64bit-debuginfo-21.2.4-150400.68.15.1
* openSUSE Leap 15.4 (aarch64)
* libvulkan_freedreno-21.2.4-150400.68.15.1
* libvulkan_broadcom-21.2.4-150400.68.15.1
* Mesa-dri-vc4-21.2.4-150400.68.15.1
* Mesa-dri-vc4-debuginfo-21.2.4-150400.68.15.1
* libvulkan_freedreno-debuginfo-21.2.4-150400.68.15.1
* libvulkan_broadcom-debuginfo-21.2.4-150400.68.15.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
* libgbm1-debuginfo-21.2.4-150400.68.15.1
* libgbm1-21.2.4-150400.68.15.1
* Mesa-debugsource-21.2.4-150400.68.15.1
* SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
* libgbm1-debuginfo-21.2.4-150400.68.15.1
* libgbm1-21.2.4-150400.68.15.1
* Mesa-debugsource-21.2.4-150400.68.15.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
* libgbm1-debuginfo-21.2.4-150400.68.15.1
* libgbm1-21.2.4-150400.68.15.1
* Mesa-debugsource-21.2.4-150400.68.15.1
* SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
* libgbm1-debuginfo-21.2.4-150400.68.15.1
* libgbm1-21.2.4-150400.68.15.1
* Mesa-debugsource-21.2.4-150400.68.15.1
* Basesystem Module 15-SP5 (x86_64)
* Mesa-drivers-debugsource-21.2.4-150400.68.15.1
* Mesa-libVulkan-devel-21.2.4-150400.68.15.1
* Basesystem Module 15-SP6 (x86_64)
* Mesa-drivers-debugsource-21.2.4-150400.68.15.1
* Mesa-libVulkan-devel-21.2.4-150400.68.15.1
* SUSE Linux Enterprise Workstation Extension 15 SP5 (x86_64)
* Mesa-drivers-debugsource-21.2.4-150400.68.15.1
* libXvMC_nouveau-debuginfo-21.2.4-150400.68.15.1
* libXvMC_nouveau-21.2.4-150400.68.15.1
* SUSE Linux Enterprise Workstation Extension 15 SP6 (x86_64)
* Mesa-drivers-debugsource-21.2.4-150400.68.15.1
* libXvMC_nouveau-debuginfo-21.2.4-150400.68.15.1
* libXvMC_nouveau-21.2.4-150400.68.15.1
## References:
* https://www.suse.com/security/cve/CVE-2023-45913.html
* https://www.suse.com/security/cve/CVE-2023-45919.html
* https://www.suse.com/security/cve/CVE-2023-45922.html
* https://bugzilla.suse.com/show_bug.cgi?id=1222040
* https://bugzilla.suse.com/show_bug.cgi?id=1222041
* https://bugzilla.suse.com/show_bug.cgi?id=1222042
SUSE-SU-2024:3545-1: moderate: Security update for buildah
# Security update for buildah
Announcement ID: SUSE-SU-2024:3545-1
Release Date: 2024-10-08T14:04:24Z
Rating: moderate
References:
* bsc#1231208
* bsc#1231230
Cross-References:
* CVE-2024-9341
* CVE-2024-9407
CVSS scores:
* CVE-2024-9341 ( SUSE ): 5.8
CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:A/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2024-9341 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:N
* CVE-2024-9341 ( NVD ): 5.4 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:N
* CVE-2024-9407 ( SUSE ): 5.6
CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2024-9407 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:N
* CVE-2024-9407 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:L/A:N
Affected Products:
* Containers Module 15-SP5
* Containers Module 15-SP6
* openSUSE Leap 15.5
* openSUSE Leap 15.6
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
An update that solves two vulnerabilities can now be installed.
## Description:
This update for buildah fixes the following issues:
* CVE-2024-9407: Fixed Improper Input Validation in bind-propagation Option of
Dockerfile RUN --mount Instruction (bsc#1231208).
* CVE-2024-9341: Fixed FIPS Crypto-Policy Directory Mounting Issue in
containers/common Go Library in cri-o (nsc#1231230).
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.5
zypper in -t patch SUSE-2024-3545=1 openSUSE-SLE-15.5-2024-3545=1
* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2024-3545=1
* Containers Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Containers-15-SP5-2024-3545=1
* Containers Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Containers-15-SP6-2024-3545=1
## Package List:
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586)
* buildah-1.35.4-150500.3.13.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
* buildah-1.35.4-150500.3.13.1
* Containers Module 15-SP5 (aarch64 ppc64le s390x x86_64)
* buildah-1.35.4-150500.3.13.1
* Containers Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* buildah-1.35.4-150500.3.13.1
## References:
* https://www.suse.com/security/cve/CVE-2024-9341.html
* https://www.suse.com/security/cve/CVE-2024-9407.html
* https://bugzilla.suse.com/show_bug.cgi?id=1231208
* https://bugzilla.suse.com/show_bug.cgi?id=1231230
SUSE-SU-2024:3546-1: moderate: Security update for podman
# Security update for podman
Announcement ID: SUSE-SU-2024:3546-1
Release Date: 2024-10-08T14:04:55Z
Rating: moderate
References:
* bsc#1231230
Cross-References:
* CVE-2024-6104
* CVE-2024-9341
CVSS scores:
* CVE-2024-6104 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
* CVE-2024-6104 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2024-9341 ( SUSE ): 5.8
CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:A/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2024-9341 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:N
* CVE-2024-9341 ( NVD ): 5.4 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:N
Affected Products:
* Containers Module 15-SP5
* Containers Module 15-SP6
* openSUSE Leap 15.5
* openSUSE Leap 15.6
* openSUSE Leap Micro 5.5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
An update that solves two vulnerabilities can now be installed.
## Description:
This update for podman fixes the following issues:
* CVE-2024-9341: Fixed FIPS Crypto-Policy Directory Mounting Issue in
containers/common Go Library (bsc#1231230)
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.5
zypper in -t patch SUSE-2024-3546=1 openSUSE-SLE-15.5-2024-3546=1
* openSUSE Leap Micro 5.5
zypper in -t patch openSUSE-Leap-Micro-5.5-2024-3546=1
* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2024-3546=1
* SUSE Linux Enterprise Micro 5.5
zypper in -t patch SUSE-SLE-Micro-5.5-2024-3546=1
* Containers Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Containers-15-SP5-2024-3546=1
* Containers Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Containers-15-SP6-2024-3546=1
## Package List:
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586)
* podman-remote-4.9.5-150500.3.18.1
* podman-debuginfo-4.9.5-150500.3.18.1
* podmansh-4.9.5-150500.3.18.1
* podman-4.9.5-150500.3.18.1
* podman-remote-debuginfo-4.9.5-150500.3.18.1
* openSUSE Leap 15.5 (noarch)
* podman-docker-4.9.5-150500.3.18.1
* openSUSE Leap Micro 5.5 (aarch64 ppc64le s390x x86_64)
* podman-remote-4.9.5-150500.3.18.1
* podman-debuginfo-4.9.5-150500.3.18.1
* podmansh-4.9.5-150500.3.18.1
* podman-4.9.5-150500.3.18.1
* podman-remote-debuginfo-4.9.5-150500.3.18.1
* openSUSE Leap Micro 5.5 (noarch)
* podman-docker-4.9.5-150500.3.18.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
* podman-remote-4.9.5-150500.3.18.1
* podman-debuginfo-4.9.5-150500.3.18.1
* podmansh-4.9.5-150500.3.18.1
* podman-4.9.5-150500.3.18.1
* podman-remote-debuginfo-4.9.5-150500.3.18.1
* openSUSE Leap 15.6 (noarch)
* podman-docker-4.9.5-150500.3.18.1
* SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
* podman-remote-4.9.5-150500.3.18.1
* podman-debuginfo-4.9.5-150500.3.18.1
* podmansh-4.9.5-150500.3.18.1
* podman-4.9.5-150500.3.18.1
* podman-remote-debuginfo-4.9.5-150500.3.18.1
* SUSE Linux Enterprise Micro 5.5 (noarch)
* podman-docker-4.9.5-150500.3.18.1
* Containers Module 15-SP5 (aarch64 ppc64le s390x x86_64)
* podman-remote-4.9.5-150500.3.18.1
* podman-debuginfo-4.9.5-150500.3.18.1
* podmansh-4.9.5-150500.3.18.1
* podman-4.9.5-150500.3.18.1
* podman-remote-debuginfo-4.9.5-150500.3.18.1
* Containers Module 15-SP5 (noarch)
* podman-docker-4.9.5-150500.3.18.1
* Containers Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* podman-remote-4.9.5-150500.3.18.1
* podman-debuginfo-4.9.5-150500.3.18.1
* podmansh-4.9.5-150500.3.18.1
* podman-4.9.5-150500.3.18.1
* podman-remote-debuginfo-4.9.5-150500.3.18.1
* Containers Module 15-SP6 (noarch)
* podman-docker-4.9.5-150500.3.18.1
## References:
* https://www.suse.com/security/cve/CVE-2024-6104.html
* https://www.suse.com/security/cve/CVE-2024-9341.html
* https://bugzilla.suse.com/show_bug.cgi?id=1231230
SUSE-SU-2024:3548-1: moderate: Security update for Mesa
# Security update for Mesa
Announcement ID: SUSE-SU-2024:3548-1
Release Date: 2024-10-08T14:07:13Z
Rating: moderate
References:
* bsc#1222040
* bsc#1222041
* bsc#1222042
Cross-References:
* CVE-2023-45913
* CVE-2023-45919
* CVE-2023-45922
CVSS scores:
* CVE-2023-45913 ( SUSE ): 4.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H
* CVE-2023-45919 ( SUSE ): 4.8 CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:L/I:N/A:H
* CVE-2023-45922 ( SUSE ): 4.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H
Affected Products:
* Basesystem Module 15-SP5
* Basesystem Module 15-SP6
* openSUSE Leap 15.5
* openSUSE Leap Micro 5.5
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Linux Enterprise Workstation Extension 15 SP5
* SUSE Package Hub 15 15-SP5
* SUSE Package Hub 15 15-SP6
An update that solves three vulnerabilities can now be installed.
## Description:
This update for Mesa fixes the following issues:
* CVE-2023-45913: Fixed NULL pointer dereference via
dri2GetGlxDrawableFromXDrawableId() (bsc#1222040)
* CVE-2023-45919: Fixed buffer over-read in glXQueryServerString()
(bsc#1222041)
* CVE-2023-45922: Fixed segmentation violation in __glXGetDrawableAttribute()
(bsc#1222042)
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2024-3548=1 SUSE-2024-3548=1
* openSUSE Leap Micro 5.5
zypper in -t patch openSUSE-Leap-Micro-5.5-2024-3548=1
* SUSE Linux Enterprise Micro 5.5
zypper in -t patch SUSE-SLE-Micro-5.5-2024-3548=1
* Basesystem Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-3548=1
* Basesystem Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-3548=1
* SUSE Package Hub 15 15-SP5
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-3548=1
* SUSE Package Hub 15 15-SP6
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-3548=1
* SUSE Linux Enterprise Workstation Extension 15 SP5
zypper in -t patch SUSE-SLE-Product-WE-15-SP5-2024-3548=1
## Package List:
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586)
* Mesa-libglapi-devel-22.3.5-150500.77.5.1
* libOSMesa8-debuginfo-22.3.5-150500.77.5.1
* libgbm1-22.3.5-150500.77.5.1
* Mesa-debugsource-22.3.5-150500.77.5.1
* Mesa-libEGL1-22.3.5-150500.77.5.1
* libOSMesa-devel-22.3.5-150500.77.5.1
* Mesa-libGL-devel-22.3.5-150500.77.5.1
* Mesa-22.3.5-150500.77.5.1
* Mesa-libGLESv3-devel-22.3.5-150500.77.5.1
* Mesa-drivers-debugsource-22.3.5-150500.77.5.1
* libgbm-devel-22.3.5-150500.77.5.1
* libgbm1-debuginfo-22.3.5-150500.77.5.1
* Mesa-devel-22.3.5-150500.77.5.1
* Mesa-libGL1-22.3.5-150500.77.5.1
* Mesa-libGL1-debuginfo-22.3.5-150500.77.5.1
* Mesa-libGLESv1_CM-devel-22.3.5-150500.77.5.1
* Mesa-libglapi0-debuginfo-22.3.5-150500.77.5.1
* Mesa-libEGL1-debuginfo-22.3.5-150500.77.5.1
* Mesa-KHR-devel-22.3.5-150500.77.5.1
* Mesa-libglapi0-22.3.5-150500.77.5.1
* Mesa-libGLESv2-devel-22.3.5-150500.77.5.1
* Mesa-dri-devel-22.3.5-150500.77.5.1
* Mesa-dri-debuginfo-22.3.5-150500.77.5.1
* Mesa-dri-22.3.5-150500.77.5.1
* libOSMesa8-22.3.5-150500.77.5.1
* Mesa-libEGL-devel-22.3.5-150500.77.5.1
* openSUSE Leap 15.5 (x86_64)
* Mesa-dri-32bit-22.3.5-150500.77.5.1
* libOSMesa8-32bit-debuginfo-22.3.5-150500.77.5.1
* Mesa-dri-32bit-debuginfo-22.3.5-150500.77.5.1
* Mesa-vulkan-overlay-32bit-debuginfo-22.3.5-150500.77.5.1
* Mesa-libd3d-32bit-22.3.5-150500.77.5.1
* Mesa-libEGL1-32bit-22.3.5-150500.77.5.1
* libgbm-devel-32bit-22.3.5-150500.77.5.1
* libvulkan_intel-32bit-22.3.5-150500.77.5.1
* Mesa-libGLESv2-devel-32bit-22.3.5-150500.77.5.1
* Mesa-libd3d-32bit-debuginfo-22.3.5-150500.77.5.1
* libvulkan_radeon-32bit-22.3.5-150500.77.5.1
* Mesa-libglapi-devel-32bit-22.3.5-150500.77.5.1
* libvulkan_intel-32bit-debuginfo-22.3.5-150500.77.5.1
* libvdpau_r300-32bit-22.3.5-150500.77.5.1
* Mesa-vulkan-device-select-32bit-debuginfo-22.3.5-150500.77.5.1
* libOSMesa8-32bit-22.3.5-150500.77.5.1
* Mesa-32bit-22.3.5-150500.77.5.1
* libgbm1-32bit-22.3.5-150500.77.5.1
* libvdpau_r600-32bit-debuginfo-22.3.5-150500.77.5.1
* libvdpau_virtio_gpu-32bit-22.3.5-150500.77.5.1
* libvdpau_virtio_gpu-32bit-debuginfo-22.3.5-150500.77.5.1
* libOSMesa-devel-32bit-22.3.5-150500.77.5.1
* libvulkan_radeon-32bit-debuginfo-22.3.5-150500.77.5.1
* libvdpau_radeonsi-32bit-22.3.5-150500.77.5.1
* Mesa-libglapi0-32bit-22.3.5-150500.77.5.1
* libgbm1-32bit-debuginfo-22.3.5-150500.77.5.1
* Mesa-libd3d-devel-32bit-22.3.5-150500.77.5.1
* Mesa-libEGL-devel-32bit-22.3.5-150500.77.5.1
* libvdpau_radeonsi-32bit-debuginfo-22.3.5-150500.77.5.1
* Mesa-vulkan-overlay-32bit-22.3.5-150500.77.5.1
* libvdpau_r600-32bit-22.3.5-150500.77.5.1
* Mesa-libEGL1-32bit-debuginfo-22.3.5-150500.77.5.1
* Mesa-libGL1-32bit-22.3.5-150500.77.5.1
* libvdpau_r300-32bit-debuginfo-22.3.5-150500.77.5.1
* Mesa-gallium-32bit-22.3.5-150500.77.5.1
* Mesa-dri-nouveau-32bit-debuginfo-22.3.5-150500.77.5.1
* Mesa-gallium-32bit-debuginfo-22.3.5-150500.77.5.1
* libvdpau_nouveau-32bit-22.3.5-150500.77.5.1
* Mesa-libGLESv1_CM-devel-32bit-22.3.5-150500.77.5.1
* Mesa-vulkan-device-select-32bit-22.3.5-150500.77.5.1
* Mesa-dri-nouveau-32bit-22.3.5-150500.77.5.1
* Mesa-libGL1-32bit-debuginfo-22.3.5-150500.77.5.1
* libvdpau_nouveau-32bit-debuginfo-22.3.5-150500.77.5.1
* Mesa-libglapi0-32bit-debuginfo-22.3.5-150500.77.5.1
* Mesa-libGL-devel-32bit-22.3.5-150500.77.5.1
* openSUSE Leap 15.5 (aarch64 ppc64le x86_64 i586)
* libvdpau_r300-22.3.5-150500.77.5.1
* libvdpau_nouveau-22.3.5-150500.77.5.1
* libxatracker2-1.0.0-150500.77.5.1
* Mesa-gallium-22.3.5-150500.77.5.1
* Mesa-dri-nouveau-22.3.5-150500.77.5.1
* libvdpau_radeonsi-22.3.5-150500.77.5.1
* libvdpau_virtio_gpu-22.3.5-150500.77.5.1
* libvdpau_radeonsi-debuginfo-22.3.5-150500.77.5.1
* Mesa-gallium-debuginfo-22.3.5-150500.77.5.1
* Mesa-libva-debuginfo-22.3.5-150500.77.5.1
* libxatracker2-debuginfo-1.0.0-150500.77.5.1
* libvdpau_r600-debuginfo-22.3.5-150500.77.5.1
* libvdpau_nouveau-debuginfo-22.3.5-150500.77.5.1
* libvdpau_r600-22.3.5-150500.77.5.1
* libxatracker-devel-1.0.0-150500.77.5.1
* Mesa-libva-22.3.5-150500.77.5.1
* Mesa-libOpenCL-22.3.5-150500.77.5.1
* Mesa-dri-nouveau-debuginfo-22.3.5-150500.77.5.1
* Mesa-libOpenCL-debuginfo-22.3.5-150500.77.5.1
* libvdpau_virtio_gpu-debuginfo-22.3.5-150500.77.5.1
* libvdpau_r300-debuginfo-22.3.5-150500.77.5.1
* openSUSE Leap 15.5 (aarch64 x86_64 i586)
* Mesa-vulkan-device-select-debuginfo-22.3.5-150500.77.5.1
* Mesa-vulkan-overlay-22.3.5-150500.77.5.1
* libvulkan_lvp-22.3.5-150500.77.5.1
* libvulkan_radeon-22.3.5-150500.77.5.1
* libvulkan_radeon-debuginfo-22.3.5-150500.77.5.1
* Mesa-libd3d-debuginfo-22.3.5-150500.77.5.1
* Mesa-libd3d-devel-22.3.5-150500.77.5.1
* libvulkan_lvp-debuginfo-22.3.5-150500.77.5.1
* Mesa-libd3d-22.3.5-150500.77.5.1
* Mesa-vulkan-overlay-debuginfo-22.3.5-150500.77.5.1
* Mesa-vulkan-device-select-22.3.5-150500.77.5.1
* openSUSE Leap 15.5 (x86_64 i586)
* libvulkan_intel-debuginfo-22.3.5-150500.77.5.1
* libvulkan_intel-22.3.5-150500.77.5.1
* openSUSE Leap 15.5 (aarch64_ilp32)
* Mesa-libglapi0-64bit-debuginfo-22.3.5-150500.77.5.1
* libvdpau_virtio_gpu-64bit-debuginfo-22.3.5-150500.77.5.1
* Mesa-libEGL1-64bit-debuginfo-22.3.5-150500.77.5.1
* libgbm-devel-64bit-22.3.5-150500.77.5.1
* Mesa-libGL-devel-64bit-22.3.5-150500.77.5.1
* libgbm1-64bit-22.3.5-150500.77.5.1
* libvdpau_r300-64bit-22.3.5-150500.77.5.1
* libvdpau_radeonsi-64bit-debuginfo-22.3.5-150500.77.5.1
* libOSMesa8-64bit-22.3.5-150500.77.5.1
* libOSMesa8-64bit-debuginfo-22.3.5-150500.77.5.1
* libgbm1-64bit-debuginfo-22.3.5-150500.77.5.1
* libvdpau_r300-64bit-debuginfo-22.3.5-150500.77.5.1
* Mesa-libGLESv1_CM-devel-64bit-22.3.5-150500.77.5.1
* Mesa-libGL1-64bit-22.3.5-150500.77.5.1
* Mesa-gallium-64bit-debuginfo-22.3.5-150500.77.5.1
* Mesa-vulkan-overlay-64bit-22.3.5-150500.77.5.1
* libvdpau_nouveau-64bit-22.3.5-150500.77.5.1
* Mesa-gallium-64bit-22.3.5-150500.77.5.1
* Mesa-libd3d-devel-64bit-22.3.5-150500.77.5.1
* Mesa-vulkan-device-select-64bit-22.3.5-150500.77.5.1
* Mesa-vulkan-device-select-64bit-debuginfo-22.3.5-150500.77.5.1
* Mesa-libd3d-64bit-22.3.5-150500.77.5.1
* libvdpau_nouveau-64bit-debuginfo-22.3.5-150500.77.5.1
* Mesa-dri-vc4-64bit-debuginfo-22.3.5-150500.77.5.1
* libOSMesa-devel-64bit-22.3.5-150500.77.5.1
* Mesa-libGL1-64bit-debuginfo-22.3.5-150500.77.5.1
* Mesa-dri-vc4-64bit-22.3.5-150500.77.5.1
* Mesa-libEGL-devel-64bit-22.3.5-150500.77.5.1
* Mesa-libd3d-64bit-debuginfo-22.3.5-150500.77.5.1
* Mesa-dri-64bit-debuginfo-22.3.5-150500.77.5.1
* Mesa-dri-nouveau-64bit-22.3.5-150500.77.5.1
* Mesa-64bit-22.3.5-150500.77.5.1
* Mesa-libEGL1-64bit-22.3.5-150500.77.5.1
* Mesa-libglapi-devel-64bit-22.3.5-150500.77.5.1
* Mesa-dri-nouveau-64bit-debuginfo-22.3.5-150500.77.5.1
* Mesa-libGLESv2-devel-64bit-22.3.5-150500.77.5.1
* Mesa-libglapi0-64bit-22.3.5-150500.77.5.1
* Mesa-vulkan-overlay-64bit-debuginfo-22.3.5-150500.77.5.1
* libvdpau_r600-64bit-22.3.5-150500.77.5.1
* libvdpau_r600-64bit-debuginfo-22.3.5-150500.77.5.1
* libvdpau_radeonsi-64bit-22.3.5-150500.77.5.1
* libvulkan_radeon-64bit-debuginfo-22.3.5-150500.77.5.1
* libvulkan_radeon-64bit-22.3.5-150500.77.5.1
* libvdpau_virtio_gpu-64bit-22.3.5-150500.77.5.1
* Mesa-dri-64bit-22.3.5-150500.77.5.1
* openSUSE Leap 15.5 (aarch64)
* libvulkan_broadcom-debuginfo-22.3.5-150500.77.5.1
* libvulkan_freedreno-22.3.5-150500.77.5.1
* Mesa-dri-vc4-22.3.5-150500.77.5.1
* libvulkan_broadcom-22.3.5-150500.77.5.1
* libvulkan_freedreno-debuginfo-22.3.5-150500.77.5.1
* Mesa-dri-vc4-debuginfo-22.3.5-150500.77.5.1
* openSUSE Leap Micro 5.5 (aarch64 s390x x86_64)
* Mesa-22.3.5-150500.77.5.1
* Mesa-libGL1-22.3.5-150500.77.5.1
* Mesa-libGL1-debuginfo-22.3.5-150500.77.5.1
* Mesa-libglapi0-22.3.5-150500.77.5.1
* Mesa-drivers-debugsource-22.3.5-150500.77.5.1
* libgbm1-debuginfo-22.3.5-150500.77.5.1
* libgbm1-22.3.5-150500.77.5.1
* Mesa-debugsource-22.3.5-150500.77.5.1
* Mesa-libEGL1-22.3.5-150500.77.5.1
* Mesa-dri-debuginfo-22.3.5-150500.77.5.1
* Mesa-libglapi0-debuginfo-22.3.5-150500.77.5.1
* Mesa-libEGL1-debuginfo-22.3.5-150500.77.5.1
* Mesa-dri-22.3.5-150500.77.5.1
* openSUSE Leap Micro 5.5 (aarch64 x86_64)
* Mesa-gallium-22.3.5-150500.77.5.1
* Mesa-gallium-debuginfo-22.3.5-150500.77.5.1
* SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
* Mesa-22.3.5-150500.77.5.1
* Mesa-libGL1-22.3.5-150500.77.5.1
* Mesa-libGL1-debuginfo-22.3.5-150500.77.5.1
* Mesa-libglapi0-22.3.5-150500.77.5.1
* Mesa-drivers-debugsource-22.3.5-150500.77.5.1
* libgbm1-debuginfo-22.3.5-150500.77.5.1
* libgbm1-22.3.5-150500.77.5.1
* Mesa-debugsource-22.3.5-150500.77.5.1
* Mesa-libEGL1-22.3.5-150500.77.5.1
* Mesa-dri-debuginfo-22.3.5-150500.77.5.1
* Mesa-libglapi0-debuginfo-22.3.5-150500.77.5.1
* Mesa-libEGL1-debuginfo-22.3.5-150500.77.5.1
* Mesa-dri-22.3.5-150500.77.5.1
* SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le x86_64)
* Mesa-gallium-22.3.5-150500.77.5.1
* Mesa-gallium-debuginfo-22.3.5-150500.77.5.1
* Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64)
* Mesa-libglapi-devel-22.3.5-150500.77.5.1
* libOSMesa8-debuginfo-22.3.5-150500.77.5.1
* libgbm1-22.3.5-150500.77.5.1
* Mesa-debugsource-22.3.5-150500.77.5.1
* Mesa-libEGL1-22.3.5-150500.77.5.1
* libOSMesa-devel-22.3.5-150500.77.5.1
* Mesa-libGL-devel-22.3.5-150500.77.5.1
* Mesa-22.3.5-150500.77.5.1
* Mesa-libGLESv3-devel-22.3.5-150500.77.5.1
* Mesa-drivers-debugsource-22.3.5-150500.77.5.1
* libgbm-devel-22.3.5-150500.77.5.1
* libgbm1-debuginfo-22.3.5-150500.77.5.1
* libOSMesa8-22.3.5-150500.77.5.1
* Mesa-devel-22.3.5-150500.77.5.1
* Mesa-libGL1-22.3.5-150500.77.5.1
* Mesa-libGL1-debuginfo-22.3.5-150500.77.5.1
* Mesa-libGLESv1_CM-devel-22.3.5-150500.77.5.1
* Mesa-libglapi0-debuginfo-22.3.5-150500.77.5.1
* Mesa-libEGL1-debuginfo-22.3.5-150500.77.5.1
* Mesa-KHR-devel-22.3.5-150500.77.5.1
* Mesa-libglapi0-22.3.5-150500.77.5.1
* Mesa-libGLESv2-devel-22.3.5-150500.77.5.1
* Mesa-dri-devel-22.3.5-150500.77.5.1
* Mesa-dri-debuginfo-22.3.5-150500.77.5.1
* Mesa-dri-22.3.5-150500.77.5.1
* Mesa-libEGL-devel-22.3.5-150500.77.5.1
* Basesystem Module 15-SP5 (aarch64 ppc64le x86_64)
* libvdpau_r600-22.3.5-150500.77.5.1
* Mesa-libva-22.3.5-150500.77.5.1
* libvdpau_r300-22.3.5-150500.77.5.1
* libvdpau_virtio_gpu-22.3.5-150500.77.5.1
* libxatracker2-1.0.0-150500.77.5.1
* Mesa-gallium-debuginfo-22.3.5-150500.77.5.1
* Mesa-gallium-22.3.5-150500.77.5.1
* Mesa-libva-debuginfo-22.3.5-150500.77.5.1
* libvdpau_virtio_gpu-debuginfo-22.3.5-150500.77.5.1
* libxatracker2-debuginfo-1.0.0-150500.77.5.1
* libxatracker-devel-1.0.0-150500.77.5.1
* libvdpau_r300-debuginfo-22.3.5-150500.77.5.1
* libvdpau_r600-debuginfo-22.3.5-150500.77.5.1
* Basesystem Module 15-SP5 (aarch64 x86_64)
* Mesa-vulkan-device-select-debuginfo-22.3.5-150500.77.5.1
* Mesa-vulkan-overlay-22.3.5-150500.77.5.1
* libvulkan_lvp-22.3.5-150500.77.5.1
* libvulkan_radeon-22.3.5-150500.77.5.1
* libvulkan_radeon-debuginfo-22.3.5-150500.77.5.1
* libvulkan_lvp-debuginfo-22.3.5-150500.77.5.1
* Mesa-vulkan-overlay-debuginfo-22.3.5-150500.77.5.1
* Mesa-vulkan-device-select-22.3.5-150500.77.5.1
* Basesystem Module 15-SP5 (x86_64)
* libgbm1-32bit-22.3.5-150500.77.5.1
* Mesa-dri-32bit-22.3.5-150500.77.5.1
* libvdpau_radeonsi-22.3.5-150500.77.5.1
* Mesa-dri-32bit-debuginfo-22.3.5-150500.77.5.1
* Mesa-libEGL1-32bit-debuginfo-22.3.5-150500.77.5.1
* Mesa-libGL1-32bit-22.3.5-150500.77.5.1
* Mesa-libEGL1-32bit-22.3.5-150500.77.5.1
* Mesa-gallium-32bit-22.3.5-150500.77.5.1
* libvulkan_intel-22.3.5-150500.77.5.1
* libvdpau_radeonsi-debuginfo-22.3.5-150500.77.5.1
* Mesa-gallium-32bit-debuginfo-22.3.5-150500.77.5.1
* Mesa-libGL1-32bit-debuginfo-22.3.5-150500.77.5.1
* Mesa-libd3d-debuginfo-22.3.5-150500.77.5.1
* Mesa-libd3d-devel-22.3.5-150500.77.5.1
* Mesa-libglapi0-32bit-22.3.5-150500.77.5.1
* Mesa-libd3d-22.3.5-150500.77.5.1
* Mesa-libglapi0-32bit-debuginfo-22.3.5-150500.77.5.1
* libgbm1-32bit-debuginfo-22.3.5-150500.77.5.1
* libvulkan_intel-debuginfo-22.3.5-150500.77.5.1
* Mesa-32bit-22.3.5-150500.77.5.1
* Basesystem Module 15-SP6 (aarch64 ppc64le x86_64)
* libvdpau_r300-debuginfo-22.3.5-150500.77.5.1
* libvdpau_r300-22.3.5-150500.77.5.1
* Mesa-drivers-debugsource-22.3.5-150500.77.5.1
* SUSE Package Hub 15 15-SP5 (x86_64)
* libOSMesa8-32bit-debuginfo-22.3.5-150500.77.5.1
* libOSMesa8-32bit-22.3.5-150500.77.5.1
* Mesa-debugsource-22.3.5-150500.77.5.1
* SUSE Package Hub 15 15-SP6 (x86_64)
* Mesa-vulkan-device-select-32bit-22.3.5-150500.77.5.1
* libvulkan_radeon-32bit-22.3.5-150500.77.5.1
* libvulkan_intel-32bit-22.3.5-150500.77.5.1
* libvulkan_radeon-32bit-debuginfo-22.3.5-150500.77.5.1
* libvulkan_intel-32bit-debuginfo-22.3.5-150500.77.5.1
* Mesa-vulkan-device-select-32bit-debuginfo-22.3.5-150500.77.5.1
* SUSE Linux Enterprise Workstation Extension 15 SP5 (x86_64)
* Mesa-drivers-debugsource-22.3.5-150500.77.5.1
* Mesa-dri-nouveau-debuginfo-22.3.5-150500.77.5.1
* libvdpau_nouveau-22.3.5-150500.77.5.1
* Mesa-dri-nouveau-22.3.5-150500.77.5.1
* libvdpau_nouveau-debuginfo-22.3.5-150500.77.5.1
## References:
* https://www.suse.com/security/cve/CVE-2023-45913.html
* https://www.suse.com/security/cve/CVE-2023-45919.html
* https://www.suse.com/security/cve/CVE-2023-45922.html
* https://bugzilla.suse.com/show_bug.cgi?id=1222040
* https://bugzilla.suse.com/show_bug.cgi?id=1222041
* https://bugzilla.suse.com/show_bug.cgi?id=1222042
SUSE-SU-2024:3549-1: important: Security update for redis7
# Security update for redis7
Announcement ID: SUSE-SU-2024:3549-1
Release Date: 2024-10-08T14:07:24Z
Rating: important
References:
* bsc#1231264
* bsc#1231265
* bsc#1231266
Cross-References:
* CVE-2024-31227
* CVE-2024-31228
* CVE-2024-31449
CVSS scores:
* CVE-2024-31227 ( SUSE ): 4.5 CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H
* CVE-2024-31227 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-31228 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-31228 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-31449 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-31449 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products:
* openSUSE Leap 15.5
* Server Applications Module 15-SP5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
An update that solves three vulnerabilities can now be installed.
## Description:
This update for redis7 fixes the following issues:
* CVE-2024-31227: Fixed parsing issue leading to denail of service
(bsc#1231266)
* CVE-2024-31228: Fixed unbounded recursive pattern matching (bsc#1231265)
* CVE-2024-31449: Fixed integer overflow bug in Lua bit_tohex (bsc#1231264)
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2024-3549=1 SUSE-2024-3549=1
* Server Applications Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP5-2024-3549=1
## Package List:
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586)
* redis7-7.0.8-150500.3.12.1
* redis7-debugsource-7.0.8-150500.3.12.1
* redis7-debuginfo-7.0.8-150500.3.12.1
* Server Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64)
* redis7-7.0.8-150500.3.12.1
* redis7-debugsource-7.0.8-150500.3.12.1
* redis7-debuginfo-7.0.8-150500.3.12.1
## References:
* https://www.suse.com/security/cve/CVE-2024-31227.html
* https://www.suse.com/security/cve/CVE-2024-31228.html
* https://www.suse.com/security/cve/CVE-2024-31449.html
* https://bugzilla.suse.com/show_bug.cgi?id=1231264
* https://bugzilla.suse.com/show_bug.cgi?id=1231265
* https://bugzilla.suse.com/show_bug.cgi?id=1231266
SUSE-SU-2024:3547-1: important: Security update for the Linux Kernel
# Security update for the Linux Kernel
Announcement ID: SUSE-SU-2024:3547-1
Release Date: 2024-10-08T14:06:34Z
Rating: important
References:
* bsc#1216223
* bsc#1223600
* bsc#1223958
* bsc#1225272
* bsc#1227487
* bsc#1228466
* bsc#1229407
* bsc#1229633
* bsc#1229662
* bsc#1229947
* bsc#1230015
* bsc#1230398
* bsc#1230434
* bsc#1230507
* bsc#1230767
* bsc#1231016
Cross-References:
* CVE-2022-48911
* CVE-2022-48923
* CVE-2022-48944
* CVE-2022-48945
* CVE-2024-41087
* CVE-2024-42301
* CVE-2024-44946
* CVE-2024-45021
* CVE-2024-46674
* CVE-2024-46774
CVSS scores:
* CVE-2022-48911 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48911 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48923 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2022-48923 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48923 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48944 ( SUSE ): 5.7
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2022-48944 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48944 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-41087 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-41087 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-42301 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-42301 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-44946 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-44946 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-45021 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-45021 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-46674 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-46674 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-46774 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Affected Products:
* openSUSE Leap 15.4
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise High Availability Extension 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise Live Patching 15-SP4
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro for Rancher 5.3
* SUSE Linux Enterprise Micro for Rancher 5.4
* SUSE Linux Enterprise Real Time 15 SP4
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3
An update that solves 10 vulnerabilities and has six security fixes can now be
installed.
## Description:
The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security
bugfixes.
The following security bugs were fixed:
* CVE-2022-48911: kabi: add __nf_queue_get_refs() for kabi compliance.
(bsc#1229633).
* CVE-2022-48923: btrfs: prevent copying too big compressed lzo segment
(bsc#1229662)
* CVE-2024-41087: Fix double free on error (bsc#1228466).
* CVE-2024-42301: Fix the array out-of-bounds risk (bsc#1229407).
* CVE-2024-44946: kcm: Serialise kcm_sendmsg() for the same socket
(bsc#1230015).
* CVE-2024-45021: memcg_write_event_control(): fix a user-triggerable oops
(bsc#1230434).
* CVE-2024-46674: usb: dwc3: st: fix probed platform device ref count on probe
error path (bsc#1230507).
The following non-security bugs were fixed:
* blk-mq: add helper for checking if one CPU is mapped to specified hctx
(bsc#1223600).
* blk-mq: do not schedule block kworker on isolated CPUs (bsc#1223600).
* kabi: add __nf_queue_get_refs() for kabi compliance.
* scsi: ibmvfc: Add max_sectors module parameter (bsc#1216223).
* scsi: smartpqi: Expose SAS address for SATA drives (bsc#1223958).
* SUNRPC: avoid soft lockup when transmitting UDP to reachable server
(bsc#1225272 bsc#1231016).
## Special Instructions and Notes:
* Please reboot the system after installing this update.
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-3547=1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3547=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-3547=1
* SUSE Manager Proxy 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-3547=1
* SUSE Manager Retail Branch Server 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-2024-3547=1
* SUSE Manager Server 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-3547=1
* openSUSE Leap 15.4
zypper in -t patch SUSE-2024-3547=1
* SUSE Linux Enterprise Micro for Rancher 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2024-3547=1
* SUSE Linux Enterprise Micro 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2024-3547=1
* SUSE Linux Enterprise Micro for Rancher 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2024-3547=1
* SUSE Linux Enterprise Micro 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2024-3547=1
* SUSE Linux Enterprise Live Patching 15-SP4
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2024-3547=1
Please note that this is the initial kernel livepatch without fixes itself, this
package is later updated by separate standalone kernel livepatch updates.
* SUSE Linux Enterprise High Availability Extension 15 SP4
zypper in -t patch SUSE-SLE-Product-HA-15-SP4-2024-3547=1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3547=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3547=1
## Package List:
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (nosrc x86_64)
* kernel-default-5.14.21-150400.24.136.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64)
* kernel-default-base-5.14.21-150400.24.136.1.150400.24.66.1
* kernel-default-debugsource-5.14.21-150400.24.136.1
* kernel-default-extra-debuginfo-5.14.21-150400.24.136.1
* kernel-obs-build-5.14.21-150400.24.136.1
* kernel-default-devel-debuginfo-5.14.21-150400.24.136.1
* kernel-syms-5.14.21-150400.24.136.1
* kernel-default-debuginfo-5.14.21-150400.24.136.1
* kernel-obs-build-debugsource-5.14.21-150400.24.136.1
* kernel-default-devel-5.14.21-150400.24.136.1
* kernel-default-extra-5.14.21-150400.24.136.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (noarch)
* kernel-source-5.14.21-150400.24.136.1
* kernel-macros-5.14.21-150400.24.136.1
* kernel-devel-5.14.21-150400.24.136.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (noarch nosrc)
* kernel-docs-5.14.21-150400.24.136.1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 nosrc)
* kernel-64kb-5.14.21-150400.24.136.1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64)
* kernel-64kb-debugsource-5.14.21-150400.24.136.1
* kernel-64kb-devel-5.14.21-150400.24.136.1
* kernel-64kb-debuginfo-5.14.21-150400.24.136.1
* kernel-64kb-devel-debuginfo-5.14.21-150400.24.136.1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x
x86_64 nosrc)
* kernel-default-5.14.21-150400.24.136.1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le x86_64)
* kernel-default-base-5.14.21-150400.24.136.1.150400.24.66.1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x
x86_64)
* reiserfs-kmp-default-debuginfo-5.14.21-150400.24.136.1
* kernel-default-debuginfo-5.14.21-150400.24.136.1
* kernel-obs-build-5.14.21-150400.24.136.1
* kernel-default-devel-debuginfo-5.14.21-150400.24.136.1
* kernel-syms-5.14.21-150400.24.136.1
* kernel-default-debugsource-5.14.21-150400.24.136.1
* kernel-obs-build-debugsource-5.14.21-150400.24.136.1
* kernel-default-devel-5.14.21-150400.24.136.1
* reiserfs-kmp-default-5.14.21-150400.24.136.1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch)
* kernel-source-5.14.21-150400.24.136.1
* kernel-macros-5.14.21-150400.24.136.1
* kernel-devel-5.14.21-150400.24.136.1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch nosrc)
* kernel-docs-5.14.21-150400.24.136.1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (nosrc s390x)
* kernel-zfcpdump-5.14.21-150400.24.136.1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (s390x)
* kernel-zfcpdump-debugsource-5.14.21-150400.24.136.1
* kernel-zfcpdump-debuginfo-5.14.21-150400.24.136.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (nosrc ppc64le
x86_64)
* kernel-default-5.14.21-150400.24.136.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
* kernel-default-base-5.14.21-150400.24.136.1.150400.24.66.1
* kernel-default-debugsource-5.14.21-150400.24.136.1
* reiserfs-kmp-default-debuginfo-5.14.21-150400.24.136.1
* kernel-obs-build-5.14.21-150400.24.136.1
* kernel-default-devel-debuginfo-5.14.21-150400.24.136.1
* kernel-syms-5.14.21-150400.24.136.1
* kernel-default-debuginfo-5.14.21-150400.24.136.1
* kernel-obs-build-debugsource-5.14.21-150400.24.136.1
* kernel-default-devel-5.14.21-150400.24.136.1
* reiserfs-kmp-default-5.14.21-150400.24.136.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch)
* kernel-source-5.14.21-150400.24.136.1
* kernel-macros-5.14.21-150400.24.136.1
* kernel-devel-5.14.21-150400.24.136.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch nosrc)
* kernel-docs-5.14.21-150400.24.136.1
* SUSE Manager Proxy 4.3 (nosrc x86_64)
* kernel-default-5.14.21-150400.24.136.1
* SUSE Manager Proxy 4.3 (x86_64)
* kernel-default-base-5.14.21-150400.24.136.1.150400.24.66.1
* kernel-default-debugsource-5.14.21-150400.24.136.1
* kernel-default-devel-debuginfo-5.14.21-150400.24.136.1
* kernel-syms-5.14.21-150400.24.136.1
* kernel-default-debuginfo-5.14.21-150400.24.136.1
* kernel-default-devel-5.14.21-150400.24.136.1
* SUSE Manager Proxy 4.3 (noarch)
* kernel-source-5.14.21-150400.24.136.1
* kernel-macros-5.14.21-150400.24.136.1
* kernel-devel-5.14.21-150400.24.136.1
* SUSE Manager Retail Branch Server 4.3 (nosrc x86_64)
* kernel-default-5.14.21-150400.24.136.1
* SUSE Manager Retail Branch Server 4.3 (x86_64)
* kernel-default-base-5.14.21-150400.24.136.1.150400.24.66.1
* kernel-default-debugsource-5.14.21-150400.24.136.1
* kernel-default-devel-debuginfo-5.14.21-150400.24.136.1
* kernel-default-debuginfo-5.14.21-150400.24.136.1
* kernel-default-devel-5.14.21-150400.24.136.1
* SUSE Manager Retail Branch Server 4.3 (noarch)
* kernel-macros-5.14.21-150400.24.136.1
* kernel-devel-5.14.21-150400.24.136.1
* SUSE Manager Server 4.3 (nosrc ppc64le s390x x86_64)
* kernel-default-5.14.21-150400.24.136.1
* SUSE Manager Server 4.3 (ppc64le x86_64)
* kernel-default-base-5.14.21-150400.24.136.1.150400.24.66.1
* SUSE Manager Server 4.3 (ppc64le s390x x86_64)
* kernel-default-debuginfo-5.14.21-150400.24.136.1
* kernel-default-devel-debuginfo-5.14.21-150400.24.136.1
* kernel-syms-5.14.21-150400.24.136.1
* kernel-default-debugsource-5.14.21-150400.24.136.1
* kernel-default-devel-5.14.21-150400.24.136.1
* SUSE Manager Server 4.3 (noarch)
* kernel-source-5.14.21-150400.24.136.1
* kernel-macros-5.14.21-150400.24.136.1
* kernel-devel-5.14.21-150400.24.136.1
* SUSE Manager Server 4.3 (nosrc s390x)
* kernel-zfcpdump-5.14.21-150400.24.136.1
* SUSE Manager Server 4.3 (s390x)
* kernel-zfcpdump-debugsource-5.14.21-150400.24.136.1
* kernel-zfcpdump-debuginfo-5.14.21-150400.24.136.1
* openSUSE Leap 15.4 (noarch nosrc)
* kernel-docs-5.14.21-150400.24.136.1
* openSUSE Leap 15.4 (noarch)
* kernel-docs-html-5.14.21-150400.24.136.1
* kernel-source-5.14.21-150400.24.136.1
* kernel-macros-5.14.21-150400.24.136.1
* kernel-devel-5.14.21-150400.24.136.1
* kernel-source-vanilla-5.14.21-150400.24.136.1
* openSUSE Leap 15.4 (nosrc ppc64le x86_64)
* kernel-debug-5.14.21-150400.24.136.1
* openSUSE Leap 15.4 (ppc64le x86_64)
* kernel-debug-debugsource-5.14.21-150400.24.136.1
* kernel-debug-livepatch-devel-5.14.21-150400.24.136.1
* kernel-debug-devel-5.14.21-150400.24.136.1
* kernel-debug-debuginfo-5.14.21-150400.24.136.1
* kernel-debug-devel-debuginfo-5.14.21-150400.24.136.1
* openSUSE Leap 15.4 (aarch64 ppc64le x86_64)
* kernel-default-base-5.14.21-150400.24.136.1.150400.24.66.1
* kernel-kvmsmall-debugsource-5.14.21-150400.24.136.1
* kernel-kvmsmall-debuginfo-5.14.21-150400.24.136.1
* kernel-kvmsmall-devel-5.14.21-150400.24.136.1
* kernel-default-base-rebuild-5.14.21-150400.24.136.1.150400.24.66.1
* kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.136.1
* kernel-kvmsmall-devel-debuginfo-5.14.21-150400.24.136.1
* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64)
* kselftests-kmp-default-5.14.21-150400.24.136.1
* kernel-obs-qa-5.14.21-150400.24.136.1
* kernel-default-devel-debuginfo-5.14.21-150400.24.136.1
* kernel-syms-5.14.21-150400.24.136.1
* reiserfs-kmp-default-5.14.21-150400.24.136.1
* kselftests-kmp-default-debuginfo-5.14.21-150400.24.136.1
* dlm-kmp-default-debuginfo-5.14.21-150400.24.136.1
* dlm-kmp-default-5.14.21-150400.24.136.1
* kernel-default-optional-debuginfo-5.14.21-150400.24.136.1
* ocfs2-kmp-default-debuginfo-5.14.21-150400.24.136.1
* kernel-obs-build-debugsource-5.14.21-150400.24.136.1
* kernel-default-livepatch-devel-5.14.21-150400.24.136.1
* ocfs2-kmp-default-5.14.21-150400.24.136.1
* kernel-default-extra-debuginfo-5.14.21-150400.24.136.1
* kernel-default-livepatch-5.14.21-150400.24.136.1
* kernel-obs-build-5.14.21-150400.24.136.1
* gfs2-kmp-default-debuginfo-5.14.21-150400.24.136.1
* kernel-default-debugsource-5.14.21-150400.24.136.1
* kernel-default-devel-5.14.21-150400.24.136.1
* reiserfs-kmp-default-debuginfo-5.14.21-150400.24.136.1
* cluster-md-kmp-default-5.14.21-150400.24.136.1
* kernel-default-extra-5.14.21-150400.24.136.1
* gfs2-kmp-default-5.14.21-150400.24.136.1
* kernel-default-optional-5.14.21-150400.24.136.1
* cluster-md-kmp-default-debuginfo-5.14.21-150400.24.136.1
* kernel-default-debuginfo-5.14.21-150400.24.136.1
* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 nosrc)
* kernel-default-5.14.21-150400.24.136.1
* openSUSE Leap 15.4 (aarch64 nosrc ppc64le x86_64)
* kernel-kvmsmall-5.14.21-150400.24.136.1
* openSUSE Leap 15.4 (ppc64le s390x x86_64)
* kernel-livepatch-SLE15-SP4_Update_32-debugsource-1-150400.9.3.1
* kernel-livepatch-5_14_21-150400_24_136-default-1-150400.9.3.1
* kernel-livepatch-5_14_21-150400_24_136-default-debuginfo-1-150400.9.3.1
* openSUSE Leap 15.4 (nosrc s390x)
* kernel-zfcpdump-5.14.21-150400.24.136.1
* openSUSE Leap 15.4 (s390x)
* kernel-zfcpdump-debugsource-5.14.21-150400.24.136.1
* kernel-zfcpdump-debuginfo-5.14.21-150400.24.136.1
* openSUSE Leap 15.4 (nosrc)
* dtb-aarch64-5.14.21-150400.24.136.1
* openSUSE Leap 15.4 (aarch64)
* dtb-mediatek-5.14.21-150400.24.136.1
* dtb-sprd-5.14.21-150400.24.136.1
* dtb-qcom-5.14.21-150400.24.136.1
* dtb-broadcom-5.14.21-150400.24.136.1
* kernel-64kb-devel-debuginfo-5.14.21-150400.24.136.1
* dtb-allwinner-5.14.21-150400.24.136.1
* cluster-md-kmp-64kb-5.14.21-150400.24.136.1
* dtb-altera-5.14.21-150400.24.136.1
* ocfs2-kmp-64kb-debuginfo-5.14.21-150400.24.136.1
* dtb-arm-5.14.21-150400.24.136.1
* ocfs2-kmp-64kb-5.14.21-150400.24.136.1
* dtb-rockchip-5.14.21-150400.24.136.1
* dtb-apm-5.14.21-150400.24.136.1
* kernel-64kb-debugsource-5.14.21-150400.24.136.1
* dtb-hisilicon-5.14.21-150400.24.136.1
* dlm-kmp-64kb-debuginfo-5.14.21-150400.24.136.1
* reiserfs-kmp-64kb-debuginfo-5.14.21-150400.24.136.1
* dtb-amlogic-5.14.21-150400.24.136.1
* kernel-64kb-livepatch-devel-5.14.21-150400.24.136.1
* dtb-freescale-5.14.21-150400.24.136.1
* dtb-exynos-5.14.21-150400.24.136.1
* dtb-lg-5.14.21-150400.24.136.1
* kernel-64kb-extra-5.14.21-150400.24.136.1
* dtb-amazon-5.14.21-150400.24.136.1
* kernel-64kb-devel-5.14.21-150400.24.136.1
* gfs2-kmp-64kb-debuginfo-5.14.21-150400.24.136.1
* kselftests-kmp-64kb-5.14.21-150400.24.136.1
* dtb-xilinx-5.14.21-150400.24.136.1
* reiserfs-kmp-64kb-5.14.21-150400.24.136.1
* dtb-cavium-5.14.21-150400.24.136.1
* dtb-marvell-5.14.21-150400.24.136.1
* dlm-kmp-64kb-5.14.21-150400.24.136.1
* gfs2-kmp-64kb-5.14.21-150400.24.136.1
* dtb-apple-5.14.21-150400.24.136.1
* dtb-amd-5.14.21-150400.24.136.1
* kernel-64kb-optional-debuginfo-5.14.21-150400.24.136.1
* dtb-socionext-5.14.21-150400.24.136.1
* dtb-renesas-5.14.21-150400.24.136.1
* kernel-64kb-debuginfo-5.14.21-150400.24.136.1
* dtb-nvidia-5.14.21-150400.24.136.1
* kernel-64kb-optional-5.14.21-150400.24.136.1
* kselftests-kmp-64kb-debuginfo-5.14.21-150400.24.136.1
* kernel-64kb-extra-debuginfo-5.14.21-150400.24.136.1
* cluster-md-kmp-64kb-debuginfo-5.14.21-150400.24.136.1
* openSUSE Leap 15.4 (aarch64 nosrc)
* kernel-64kb-5.14.21-150400.24.136.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 nosrc s390x x86_64)
* kernel-default-5.14.21-150400.24.136.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 x86_64)
* kernel-default-base-5.14.21-150400.24.136.1.150400.24.66.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
* kernel-default-debugsource-5.14.21-150400.24.136.1
* kernel-default-debuginfo-5.14.21-150400.24.136.1
* SUSE Linux Enterprise Micro 5.3 (aarch64 nosrc s390x x86_64)
* kernel-default-5.14.21-150400.24.136.1
* SUSE Linux Enterprise Micro 5.3 (aarch64 x86_64)
* kernel-default-base-5.14.21-150400.24.136.1.150400.24.66.1
* SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
* kernel-default-debugsource-5.14.21-150400.24.136.1
* kernel-default-debuginfo-5.14.21-150400.24.136.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 nosrc s390x x86_64)
* kernel-default-5.14.21-150400.24.136.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 x86_64)
* kernel-default-base-5.14.21-150400.24.136.1.150400.24.66.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
* kernel-default-debugsource-5.14.21-150400.24.136.1
* kernel-default-debuginfo-5.14.21-150400.24.136.1
* SUSE Linux Enterprise Micro 5.4 (aarch64 nosrc s390x x86_64)
* kernel-default-5.14.21-150400.24.136.1
* SUSE Linux Enterprise Micro 5.4 (aarch64 x86_64)
* kernel-default-base-5.14.21-150400.24.136.1.150400.24.66.1
* SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
* kernel-default-debugsource-5.14.21-150400.24.136.1
* kernel-default-debuginfo-5.14.21-150400.24.136.1
* SUSE Linux Enterprise Live Patching 15-SP4 (nosrc)
* kernel-default-5.14.21-150400.24.136.1
* SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64)
* kernel-livepatch-5_14_21-150400_24_136-default-1-150400.9.3.1
* kernel-default-livepatch-5.14.21-150400.24.136.1
* kernel-livepatch-SLE15-SP4_Update_32-debugsource-1-150400.9.3.1
* kernel-default-debuginfo-5.14.21-150400.24.136.1
* kernel-default-debugsource-5.14.21-150400.24.136.1
* kernel-livepatch-5_14_21-150400_24_136-default-debuginfo-1-150400.9.3.1
* kernel-default-livepatch-devel-5.14.21-150400.24.136.1
* SUSE Linux Enterprise High Availability Extension 15 SP4 (aarch64 ppc64le
s390x x86_64)
* cluster-md-kmp-default-5.14.21-150400.24.136.1
* kernel-default-debugsource-5.14.21-150400.24.136.1
* ocfs2-kmp-default-5.14.21-150400.24.136.1
* dlm-kmp-default-debuginfo-5.14.21-150400.24.136.1
* dlm-kmp-default-5.14.21-150400.24.136.1
* cluster-md-kmp-default-debuginfo-5.14.21-150400.24.136.1
* gfs2-kmp-default-debuginfo-5.14.21-150400.24.136.1
* ocfs2-kmp-default-debuginfo-5.14.21-150400.24.136.1
* kernel-default-debuginfo-5.14.21-150400.24.136.1
* gfs2-kmp-default-5.14.21-150400.24.136.1
* SUSE Linux Enterprise High Availability Extension 15 SP4 (nosrc)
* kernel-default-5.14.21-150400.24.136.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
nosrc)
* kernel-64kb-5.14.21-150400.24.136.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64)
* kernel-64kb-debugsource-5.14.21-150400.24.136.1
* kernel-64kb-devel-5.14.21-150400.24.136.1
* kernel-64kb-debuginfo-5.14.21-150400.24.136.1
* kernel-64kb-devel-debuginfo-5.14.21-150400.24.136.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 nosrc
x86_64)
* kernel-default-5.14.21-150400.24.136.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
x86_64)
* kernel-default-base-5.14.21-150400.24.136.1.150400.24.66.1
* kernel-default-debugsource-5.14.21-150400.24.136.1
* reiserfs-kmp-default-debuginfo-5.14.21-150400.24.136.1
* kernel-obs-build-5.14.21-150400.24.136.1
* kernel-default-devel-debuginfo-5.14.21-150400.24.136.1
* kernel-syms-5.14.21-150400.24.136.1
* kernel-default-debuginfo-5.14.21-150400.24.136.1
* kernel-obs-build-debugsource-5.14.21-150400.24.136.1
* kernel-default-devel-5.14.21-150400.24.136.1
* reiserfs-kmp-default-5.14.21-150400.24.136.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
* kernel-source-5.14.21-150400.24.136.1
* kernel-macros-5.14.21-150400.24.136.1
* kernel-devel-5.14.21-150400.24.136.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch nosrc)
* kernel-docs-5.14.21-150400.24.136.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 nosrc)
* kernel-64kb-5.14.21-150400.24.136.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64)
* kernel-64kb-debugsource-5.14.21-150400.24.136.1
* kernel-64kb-devel-5.14.21-150400.24.136.1
* kernel-64kb-debuginfo-5.14.21-150400.24.136.1
* kernel-64kb-devel-debuginfo-5.14.21-150400.24.136.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 nosrc
x86_64)
* kernel-default-5.14.21-150400.24.136.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
x86_64)
* kernel-default-base-5.14.21-150400.24.136.1.150400.24.66.1
* kernel-default-debugsource-5.14.21-150400.24.136.1
* reiserfs-kmp-default-debuginfo-5.14.21-150400.24.136.1
* kernel-obs-build-5.14.21-150400.24.136.1
* kernel-default-devel-debuginfo-5.14.21-150400.24.136.1
* kernel-syms-5.14.21-150400.24.136.1
* kernel-default-debuginfo-5.14.21-150400.24.136.1
* kernel-obs-build-debugsource-5.14.21-150400.24.136.1
* kernel-default-devel-5.14.21-150400.24.136.1
* reiserfs-kmp-default-5.14.21-150400.24.136.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
* kernel-source-5.14.21-150400.24.136.1
* kernel-macros-5.14.21-150400.24.136.1
* kernel-devel-5.14.21-150400.24.136.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch nosrc)
* kernel-docs-5.14.21-150400.24.136.1
## References:
* https://www.suse.com/security/cve/CVE-2022-48911.html
* https://www.suse.com/security/cve/CVE-2022-48923.html
* https://www.suse.com/security/cve/CVE-2022-48944.html
* https://www.suse.com/security/cve/CVE-2022-48945.html
* https://www.suse.com/security/cve/CVE-2024-41087.html
* https://www.suse.com/security/cve/CVE-2024-42301.html
* https://www.suse.com/security/cve/CVE-2024-44946.html
* https://www.suse.com/security/cve/CVE-2024-45021.html
* https://www.suse.com/security/cve/CVE-2024-46674.html
* https://www.suse.com/security/cve/CVE-2024-46774.html
* https://bugzilla.suse.com/show_bug.cgi?id=1216223
* https://bugzilla.suse.com/show_bug.cgi?id=1223600
* https://bugzilla.suse.com/show_bug.cgi?id=1223958
* https://bugzilla.suse.com/show_bug.cgi?id=1225272
* https://bugzilla.suse.com/show_bug.cgi?id=1227487
* https://bugzilla.suse.com/show_bug.cgi?id=1228466
* https://bugzilla.suse.com/show_bug.cgi?id=1229407
* https://bugzilla.suse.com/show_bug.cgi?id=1229633
* https://bugzilla.suse.com/show_bug.cgi?id=1229662
* https://bugzilla.suse.com/show_bug.cgi?id=1229947
* https://bugzilla.suse.com/show_bug.cgi?id=1230015
* https://bugzilla.suse.com/show_bug.cgi?id=1230398
* https://bugzilla.suse.com/show_bug.cgi?id=1230434
* https://bugzilla.suse.com/show_bug.cgi?id=1230507
* https://bugzilla.suse.com/show_bug.cgi?id=1230767
* https://bugzilla.suse.com/show_bug.cgi?id=1231016
SUSE-SU-2024:3550-1: moderate: Security update for podofo
# Security update for podofo
Announcement ID: SUSE-SU-2024:3550-1
Release Date: 2024-10-08T14:08:01Z
Rating: moderate
References:
* bsc#1023072
* bsc#1023190
* bsc#1027776
* bsc#1027779
* bsc#1027785
* bsc#1027786
* bsc#1027787
* bsc#1037000
* bsc#1075322
* bsc#1084894
Cross-References:
* CVE-2015-8981
* CVE-2017-6840
* CVE-2017-6841
* CVE-2017-6842
* CVE-2017-6845
* CVE-2017-6849
* CVE-2017-8378
* CVE-2018-5309
* CVE-2018-8001
CVSS scores:
* CVE-2017-6840 ( NVD ): 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2017-6841 ( NVD ): 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2017-6842 ( NVD ): 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2017-6845 ( NVD ): 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2017-6849 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2017-6849 ( NVD ): 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2017-8378 ( SUSE ): 5.9 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
* CVE-2017-8378 ( NVD ): 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2018-5309 ( SUSE ): 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2018-5309 ( NVD ): 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2018-8001 ( SUSE ): 5.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
* CVE-2018-8001 ( NVD ): 7.8 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected Products:
* openSUSE Leap 15.3
* openSUSE Leap 15.5
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Package Hub 15 15-SP5
* SUSE Package Hub 15 15-SP6
An update that solves nine vulnerabilities and has one security fix can now be
installed.
## Description:
This update for podofo fixes the following issues:
* CVE-2015-8981: Fixed heap overflow in the function ReadXRefSubsection
(bsc#1023190)
* CVE-2017-6840: Fixed invalid memory read in ColorChanger::GetColorFromStack
(colorchanger.cpp) (bsc#1027787)
* CVE-2017-6841: Fixed NULL pointer dereference in
GraphicsStack::TGraphicsStackElement::~TGraphicsStackElement
(graphicsstack.h) (bsc#1027786)
* CVE-2017-6842: Fixed NULL pointer dereference in
ColorChanger::GetColorFromStack (colorchanger.cpp) (bsc#1027785)
* CVE-2017-6845: Fixed NULL pointer dereference in
GraphicsStack::TGraphicsStackElement::SetNonStrokingColorSpace
(graphicsstack.h) (bsc#1027779)
* CVE-2017-6849: Fixed NULL pointer dereference in
PoDoFo::PdfColorGray::~PdfColorGray (PdfColor.cpp) (bsc#1027776)
* CVE-2017-8378: Fixed denial of service (application crash) vectors related
to m_offsets.size (PdfParser::ReadObjects func in base/PdfParser.cpp)
(bsc#1037000)
* Fixed NULL pointer dereference in PdfInfo::GuessFormat (pdfinfo.cpp)
(bsc#1023072)
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.3
zypper in -t patch SUSE-2024-3550=1
* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2024-3550=1
* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2024-3550=1
* SUSE Package Hub 15 15-SP5
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-3550=1
* SUSE Package Hub 15 15-SP6
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-3550=1
## Package List:
* openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586)
* podofo-debugsource-0.9.6-150300.3.15.1
* libpodofo0_9_6-0.9.6-150300.3.15.1
* podofo-debuginfo-0.9.6-150300.3.15.1
* libpodofo0_9_6-debuginfo-0.9.6-150300.3.15.1
* podofo-0.9.6-150300.3.15.1
* libpodofo-devel-0.9.6-150300.3.15.1
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
* podofo-debugsource-0.9.6-150300.3.15.1
* libpodofo0_9_6-0.9.6-150300.3.15.1
* podofo-debuginfo-0.9.6-150300.3.15.1
* libpodofo0_9_6-debuginfo-0.9.6-150300.3.15.1
* podofo-0.9.6-150300.3.15.1
* libpodofo-devel-0.9.6-150300.3.15.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
* podofo-debugsource-0.9.6-150300.3.15.1
* libpodofo0_9_6-0.9.6-150300.3.15.1
* podofo-debuginfo-0.9.6-150300.3.15.1
* libpodofo0_9_6-debuginfo-0.9.6-150300.3.15.1
* podofo-0.9.6-150300.3.15.1
* libpodofo-devel-0.9.6-150300.3.15.1
* SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x x86_64)
* podofo-debugsource-0.9.6-150300.3.15.1
* libpodofo0_9_6-0.9.6-150300.3.15.1
* podofo-debuginfo-0.9.6-150300.3.15.1
* libpodofo0_9_6-debuginfo-0.9.6-150300.3.15.1
* podofo-0.9.6-150300.3.15.1
* libpodofo-devel-0.9.6-150300.3.15.1
* SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64)
* podofo-debugsource-0.9.6-150300.3.15.1
* libpodofo0_9_6-0.9.6-150300.3.15.1
* podofo-debuginfo-0.9.6-150300.3.15.1
* libpodofo0_9_6-debuginfo-0.9.6-150300.3.15.1
* podofo-0.9.6-150300.3.15.1
* libpodofo-devel-0.9.6-150300.3.15.1
## References:
* https://www.suse.com/security/cve/CVE-2015-8981.html
* https://www.suse.com/security/cve/CVE-2017-6840.html
* https://www.suse.com/security/cve/CVE-2017-6841.html
* https://www.suse.com/security/cve/CVE-2017-6842.html
* https://www.suse.com/security/cve/CVE-2017-6845.html
* https://www.suse.com/security/cve/CVE-2017-6849.html
* https://www.suse.com/security/cve/CVE-2017-8378.html
* https://www.suse.com/security/cve/CVE-2018-5309.html
* https://www.suse.com/security/cve/CVE-2018-8001.html
* https://bugzilla.suse.com/show_bug.cgi?id=1023072
* https://bugzilla.suse.com/show_bug.cgi?id=1023190
* https://bugzilla.suse.com/show_bug.cgi?id=1027776
* https://bugzilla.suse.com/show_bug.cgi?id=1027779
* https://bugzilla.suse.com/show_bug.cgi?id=1027785
* https://bugzilla.suse.com/show_bug.cgi?id=1027786
* https://bugzilla.suse.com/show_bug.cgi?id=1027787
* https://bugzilla.suse.com/show_bug.cgi?id=1037000
* https://bugzilla.suse.com/show_bug.cgi?id=1075322
* https://bugzilla.suse.com/show_bug.cgi?id=1084894
SUSE-SU-2024:3551-1: important: Security update for the Linux Kernel
# Security update for the Linux Kernel
Announcement ID: SUSE-SU-2024:3551-1
Release Date: 2024-10-08T15:03:18Z
Rating: important
References:
* bsc#1012628
* bsc#1183045
* bsc#1215199
* bsc#1216223
* bsc#1216776
* bsc#1220382
* bsc#1221527
* bsc#1221610
* bsc#1221650
* bsc#1222629
* bsc#1223600
* bsc#1223848
* bsc#1225487
* bsc#1225812
* bsc#1225903
* bsc#1226003
* bsc#1226507
* bsc#1226606
* bsc#1226666
* bsc#1226846
* bsc#1226860
* bsc#1227487
* bsc#1227694
* bsc#1227726
* bsc#1227819
* bsc#1227885
* bsc#1227890
* bsc#1227962
* bsc#1228090
* bsc#1228140
* bsc#1228244
* bsc#1228507
* bsc#1228771
* bsc#1229001
* bsc#1229004
* bsc#1229019
* bsc#1229086
* bsc#1229167
* bsc#1229169
* bsc#1229289
* bsc#1229334
* bsc#1229362
* bsc#1229363
* bsc#1229364
* bsc#1229371
* bsc#1229380
* bsc#1229389
* bsc#1229394
* bsc#1229429
* bsc#1229443
* bsc#1229452
* bsc#1229455
* bsc#1229456
* bsc#1229494
* bsc#1229585
* bsc#1229753
* bsc#1229764
* bsc#1229768
* bsc#1229790
* bsc#1229810
* bsc#1229899
* bsc#1229928
* bsc#1230015
* bsc#1230119
* bsc#1230123
* bsc#1230124
* bsc#1230125
* bsc#1230169
* bsc#1230170
* bsc#1230171
* bsc#1230173
* bsc#1230174
* bsc#1230175
* bsc#1230176
* bsc#1230178
* bsc#1230180
* bsc#1230181
* bsc#1230185
* bsc#1230191
* bsc#1230192
* bsc#1230193
* bsc#1230194
* bsc#1230195
* bsc#1230200
* bsc#1230204
* bsc#1230206
* bsc#1230207
* bsc#1230209
* bsc#1230211
* bsc#1230213
* bsc#1230217
* bsc#1230221
* bsc#1230224
* bsc#1230230
* bsc#1230232
* bsc#1230233
* bsc#1230240
* bsc#1230244
* bsc#1230245
* bsc#1230247
* bsc#1230248
* bsc#1230269
* bsc#1230270
* bsc#1230295
* bsc#1230340
* bsc#1230350
* bsc#1230413
* bsc#1230426
* bsc#1230430
* bsc#1230431
* bsc#1230432
* bsc#1230433
* bsc#1230434
* bsc#1230435
* bsc#1230440
* bsc#1230441
* bsc#1230442
* bsc#1230444
* bsc#1230450
* bsc#1230451
* bsc#1230454
* bsc#1230455
* bsc#1230457
* bsc#1230459
* bsc#1230506
* bsc#1230507
* bsc#1230511
* bsc#1230515
* bsc#1230517
* bsc#1230518
* bsc#1230519
* bsc#1230520
* bsc#1230521
* bsc#1230524
* bsc#1230526
* bsc#1230533
* bsc#1230535
* bsc#1230539
* bsc#1230540
* bsc#1230549
* bsc#1230556
* bsc#1230562
* bsc#1230563
* bsc#1230564
* bsc#1230580
* bsc#1230582
* bsc#1230589
* bsc#1230602
* bsc#1230699
* bsc#1230700
* bsc#1230701
* bsc#1230702
* bsc#1230703
* bsc#1230704
* bsc#1230705
* bsc#1230706
* bsc#1230709
* bsc#1230711
* bsc#1230712
* bsc#1230715
* bsc#1230719
* bsc#1230722
* bsc#1230724
* bsc#1230725
* bsc#1230726
* bsc#1230727
* bsc#1230730
* bsc#1230731
* bsc#1230732
* bsc#1230747
* bsc#1230748
* bsc#1230749
* bsc#1230751
* bsc#1230752
* bsc#1230753
* bsc#1230756
* bsc#1230761
* bsc#1230766
* bsc#1230767
* bsc#1230768
* bsc#1230771
* bsc#1230772
* bsc#1230775
* bsc#1230776
* bsc#1230780
* bsc#1230783
* bsc#1230786
* bsc#1230787
* bsc#1230791
* bsc#1230794
* bsc#1230796
* bsc#1230802
* bsc#1230806
* bsc#1230808
* bsc#1230809
* bsc#1230810
* bsc#1230812
* bsc#1230813
* bsc#1230814
* bsc#1230815
* bsc#1230821
* bsc#1230825
* bsc#1230830
* bsc#1230831
* bsc#1230854
* bsc#1230948
* bsc#1231008
* bsc#1231035
* bsc#1231120
* bsc#1231146
* bsc#1231182
* bsc#1231183
* jsc#PED-10954
* jsc#PED-9899
Cross-References:
* CVE-2023-52610
* CVE-2023-52752
* CVE-2023-52915
* CVE-2023-52916
* CVE-2024-26640
* CVE-2024-26759
* CVE-2024-26804
* CVE-2024-36953
* CVE-2024-38538
* CVE-2024-38596
* CVE-2024-38632
* CVE-2024-40965
* CVE-2024-40973
* CVE-2024-40983
* CVE-2024-42154
* CVE-2024-42243
* CVE-2024-42252
* CVE-2024-42265
* CVE-2024-42294
* CVE-2024-42304
* CVE-2024-42305
* CVE-2024-42306
* CVE-2024-43828
* CVE-2024-43832
* CVE-2024-43835
* CVE-2024-43845
* CVE-2024-43870
* CVE-2024-43890
* CVE-2024-43898
* CVE-2024-43904
* CVE-2024-43914
* CVE-2024-44935
* CVE-2024-44944
* CVE-2024-44946
* CVE-2024-44947
* CVE-2024-44948
* CVE-2024-44950
* CVE-2024-44951
* CVE-2024-44952
* CVE-2024-44954
* CVE-2024-44960
* CVE-2024-44961
* CVE-2024-44962
* CVE-2024-44965
* CVE-2024-44967
* CVE-2024-44969
* CVE-2024-44970
* CVE-2024-44971
* CVE-2024-44977
* CVE-2024-44982
* CVE-2024-44984
* CVE-2024-44985
* CVE-2024-44986
* CVE-2024-44987
* CVE-2024-44988
* CVE-2024-44989
* CVE-2024-44990
* CVE-2024-44991
* CVE-2024-44997
* CVE-2024-44998
* CVE-2024-44999
* CVE-2024-45000
* CVE-2024-45001
* CVE-2024-45002
* CVE-2024-45003
* CVE-2024-45005
* CVE-2024-45006
* CVE-2024-45007
* CVE-2024-45008
* CVE-2024-45011
* CVE-2024-45012
* CVE-2024-45013
* CVE-2024-45015
* CVE-2024-45017
* CVE-2024-45018
* CVE-2024-45019
* CVE-2024-45020
* CVE-2024-45021
* CVE-2024-45022
* CVE-2024-45023
* CVE-2024-45026
* CVE-2024-45028
* CVE-2024-45029
* CVE-2024-45030
* CVE-2024-46672
* CVE-2024-46673
* CVE-2024-46674
* CVE-2024-46675
* CVE-2024-46676
* CVE-2024-46677
* CVE-2024-46679
* CVE-2024-46685
* CVE-2024-46686
* CVE-2024-46687
* CVE-2024-46689
* CVE-2024-46691
* CVE-2024-46692
* CVE-2024-46693
* CVE-2024-46694
* CVE-2024-46695
* CVE-2024-46702
* CVE-2024-46706
* CVE-2024-46707
* CVE-2024-46709
* CVE-2024-46710
* CVE-2024-46714
* CVE-2024-46715
* CVE-2024-46716
* CVE-2024-46717
* CVE-2024-46719
* CVE-2024-46720
* CVE-2024-46722
* CVE-2024-46723
* CVE-2024-46724
* CVE-2024-46725
* CVE-2024-46726
* CVE-2024-46728
* CVE-2024-46729
* CVE-2024-46730
* CVE-2024-46731
* CVE-2024-46732
* CVE-2024-46734
* CVE-2024-46735
* CVE-2024-46737
* CVE-2024-46738
* CVE-2024-46739
* CVE-2024-46741
* CVE-2024-46743
* CVE-2024-46744
* CVE-2024-46745
* CVE-2024-46746
* CVE-2024-46747
* CVE-2024-46749
* CVE-2024-46750
* CVE-2024-46751
* CVE-2024-46752
* CVE-2024-46753
* CVE-2024-46755
* CVE-2024-46756
* CVE-2024-46757
* CVE-2024-46758
* CVE-2024-46759
* CVE-2024-46760
* CVE-2024-46761
* CVE-2024-46767
* CVE-2024-46771
* CVE-2024-46772
* CVE-2024-46773
* CVE-2024-46774
* CVE-2024-46776
* CVE-2024-46778
* CVE-2024-46780
* CVE-2024-46781
* CVE-2024-46783
* CVE-2024-46784
* CVE-2024-46786
* CVE-2024-46787
* CVE-2024-46791
* CVE-2024-46794
* CVE-2024-46797
* CVE-2024-46798
* CVE-2024-46822
CVSS scores:
* CVE-2023-52610 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2023-52752 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-52752 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-52915 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52915 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52916 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26640 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26759 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26804 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-36953 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-38538 ( SUSE ): 4.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L
* CVE-2024-38538 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2024-38596 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N
* CVE-2024-38632 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-38632 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-40965 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-40965 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-40973 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2024-40973 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-40973 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-40983 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-42154 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-42154 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
* CVE-2024-42243 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2024-42243 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-42243 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-42252 ( SUSE ): 5.7
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2024-42252 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-42252 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-42265 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
* CVE-2024-42294 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-42294 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-42304 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-42305 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-42306 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-43828 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-43828 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-43832 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-43835 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-43845 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-43870 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-43890 ( SUSE ): 4.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2024-43890 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2024-43890 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-43898 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-43898 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-43904 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2024-43904 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-43904 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-43914 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2024-43914 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-43914 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-44935 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-44935 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-44944 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2024-44944 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-44944 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-44946 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-44946 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-44947 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N
* CVE-2024-44947 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2024-44947 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2024-44948 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-44950 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-44951 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-44952 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-44952 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-44954 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-44960 ( SUSE ): 0.0
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2024-44960 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:N
* CVE-2024-44960 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-44961 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H
* CVE-2024-44961 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-44961 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-44962 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H
* CVE-2024-44962 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-44962 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-44965 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-44965 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-44967 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-44967 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-44969 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-44969 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-44970 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-44970 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-44971 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-44971 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-44977 ( SUSE ): 6.9
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2024-44977 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-44982 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-44984 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2024-44985 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-44985 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-44986 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-44986 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-44987 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2024-44987 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-44988 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-44989 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-44989 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-44990 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-44990 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-44991 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-44997 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-44997 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-44998 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-44998 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-44999 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-44999 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2024-45000 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-45000 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-45001 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-45002 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-45002 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-45003 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-45005 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-45006 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-45006 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-45007 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-45008 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-45011 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-45011 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-45012 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2024-45012 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-45013 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-45013 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-45015 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-45015 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-45017 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-45017 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-45018 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2024-45018 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-45019 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-45019 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-45020 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-45020 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-45021 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-45021 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-45022 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-45022 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-45023 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-45023 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
* CVE-2024-45026 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-45026 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-45028 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-45028 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-45029 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-45029 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-45030 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-45030 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-46672 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-46672 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-46673 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-46673 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-46674 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-46674 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-46675 ( SUSE ): 5.8
CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:L/VI:L/VA:H/SC:L/SI:L/SA:L
* CVE-2024-46675 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H
* CVE-2024-46675 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-46676 ( SUSE ): 2.4
CVSS:4.0/AV:P/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L
* CVE-2024-46676 ( SUSE ): 4.3 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
* CVE-2024-46676 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-46677 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H
* CVE-2024-46677 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-46677 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-46679 ( SUSE ): 5.6
CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L
* CVE-2024-46679 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-46679 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-46685 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-46685 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-46686 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-46686 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-46687 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2024-46687 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-46689 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-46689 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-46691 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-46691 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-46692 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-46692 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-46693 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-46693 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-46694 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-46694 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-46695 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-46695 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
* CVE-2024-46702 ( SUSE ): 5.6
CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L
* CVE-2024-46702 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-46702 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-46706 ( SUSE ): 4.0 CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-46706 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-46707 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2024-46707 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-46707 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-46709 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-46709 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-46710 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-46710 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-46714 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-46714 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-46715 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-46716 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2024-46717 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-46719 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-46719 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-46720 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-46720 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-46722 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-46722 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2024-46723 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-46723 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2024-46724 ( SUSE ): 5.7
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2024-46724 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2024-46724 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2024-46725 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-46725 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-46726 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-46726 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-46728 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-46728 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-46729 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-46730 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-46730 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-46731 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-46731 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2024-46732 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-46732 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-46734 ( SUSE ): 5.7
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2024-46734 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-46735 ( SUSE ): 5.6
CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2024-46735 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-46735 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-46737 ( SUSE ): 7.0
CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H
* CVE-2024-46737 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-46737 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-46738 ( SUSE ): 8.7
CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
* CVE-2024-46738 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-46738 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-46739 ( SUSE ): 8.2
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H
* CVE-2024-46739 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-46739 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-46741 ( SUSE ): 7.1
CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-46741 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-46741 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-46743 ( SUSE ): 5.6
CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2024-46743 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
* CVE-2024-46743 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2024-46744 ( SUSE ): 5.9
CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2024-46744 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2024-46744 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-46745 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-46746 ( SUSE ): 5.7
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2024-46746 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2024-46746 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-46747 ( SUSE ): 5.7
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2024-46747 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2024-46747 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2024-46749 ( SUSE ): 5.6
CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2024-46749 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-46749 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-46750 ( SUSE ): 5.7
CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2024-46750 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-46750 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-46751 ( SUSE ): 5.7
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2024-46751 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-46751 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-46752 ( SUSE ): 5.7
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2024-46752 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-46753 ( SUSE ): 5.7
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2024-46753 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-46755 ( SUSE ): 5.7
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2024-46755 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-46755 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-46756 ( SUSE ): 1.8
CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2024-46756 ( SUSE ): 2.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N
* CVE-2024-46756 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-46757 ( SUSE ): 1.8
CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2024-46757 ( SUSE ): 2.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N
* CVE-2024-46757 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-46758 ( SUSE ): 1.8
CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2024-46758 ( SUSE ): 2.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N
* CVE-2024-46758 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-46759 ( SUSE ): 1.8
CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2024-46759 ( SUSE ): 2.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N
* CVE-2024-46759 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-46760 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2024-46760 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-46760 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-46761 ( SUSE ): 5.9
CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2024-46761 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-46761 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-46767 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2024-46767 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-46771 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-46772 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-46772 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-46773 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2024-46773 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-46773 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-46774 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-46776 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-46778 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-46780 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2024-46780 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-46781 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-46781 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-46783 ( SUSE ): 5.7
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2024-46783 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-46784 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-46784 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-46786 ( SUSE ): 5.8
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2024-46786 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2024-46786 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-46787 ( SUSE ): 5.7
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2024-46787 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-46791 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2024-46791 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-46791 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-46794 ( SUSE ): 2.0
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2024-46794 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
* CVE-2024-46797 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2024-46797 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-46797 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-46798 ( SUSE ): 6.8
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2024-46798 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-46798 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-46822 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-46822 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Affected Products:
* openSUSE Leap 15.6
* Public Cloud Module 15-SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
An update that solves 162 vulnerabilities, contains two features and has 50
security fixes can now be installed.
## Description:
The SUSE Linux Enterprise 15 SP6 Azure kernel was updated to receive various
security bugfixes.
The following security bugs were fixed:
* CVE-2023-52610: net/sched: act_ct: fix skb leak and crash on ooo frags
(bsc#1221610).
* CVE-2023-52752: smb: client: fix use-after-free bug in
cifs_debug_data_proc_show() (bsc#1225487).
* CVE-2023-52916: media: aspeed: Fix memory overwrite if timing is 1600x900
(bsc#1230269).
* CVE-2024-26640: tcp: add sanity checks to rx zerocopy (bsc#1221650).
* CVE-2024-26759: mm/swap: fix race when skipping swapcache (bsc#1230340).
* CVE-2024-26804: net: ip_tunnel: prevent perpetual headroom growth
(bsc#1222629).
* CVE-2024-38538: net: bridge: xmit: make sure we have at least eth header len
bytes (bsc#1226606).
* CVE-2024-38596: af_unix: Fix data races in
unix_release_sock/unix_stream_sendmsg (bsc#1226846).
* CVE-2024-40965: i2c: lpi2c: Avoid calling clk_get_rate during transfer
(bsc#1227885).
* CVE-2024-40973: media: mtk-vcodec: potential null pointer deference in SCP
(bsc#1227890).
* CVE-2024-40983: tipc: force a dst refcount before doing decryption
(bsc#1227819).
* CVE-2024-42154: tcp_metrics: validate source addr length (bsc#1228507).
* CVE-2024-42243: mm/filemap: make MAX_PAGECACHE_ORDER acceptable to xarray
(bsc#1229001).
* CVE-2024-42252: closures: Change BUG_ON() to WARN_ON() (bsc#1229004).
* CVE-2024-42265: protect the fetch of ->fd[fd] in do_dup2() from
mispredictions (bsc#1229334).
* CVE-2024-42294: block: fix deadlock between sd_remove & sd_release
(bsc#1229371).
* CVE-2024-42304: ext4: make sure the first directory block is not a hole
(bsc#1229364).
* CVE-2024-42305: ext4: check dot and dotdot of dx_root before making dir
indexed (bsc#1229363).
* CVE-2024-42306: udf: Avoid using corrupted block bitmap buffer
(bsc#1229362).
* CVE-2024-43828: ext4: fix infinite loop when replaying fast_commit
(bsc#1229394).
* CVE-2024-43832: s390/uv: Do not call folio_wait_writeback() without a folio
reference (bsc#1229380).
* CVE-2024-43845: udf: Fix bogus checksum computation in udf_rename()
(bsc#1229389).
* CVE-2024-43890: tracing: Fix overflow in get_free_elt() (bsc#1229764).
* CVE-2024-43898: ext4: sanity check for NULL pointer after
ext4_force_shutdown (bsc#1229753).
* CVE-2024-43914: md/raid5: avoid BUG_ON() while continue reshape after
reassembling (bsc#1229790).
* CVE-2024-44935: sctp: Fix null-ptr-deref in reuseport_add_sock()
(bsc#1229810).
* CVE-2024-44944: netfilter: ctnetlink: use helper function to calculate
expect ID (bsc#1229899).
* CVE-2024-44946: kcm: Serialise kcm_sendmsg() for the same socket
(bsc#1230015).
* CVE-2024-44950: serial: sc16is7xx: fix invalid FIFO access with special
register set (bsc#1230180).
* CVE-2024-44951: serial: sc16is7xx: fix TX fifo corruption (bsc#1230181).
* CVE-2024-44970: net/mlx5e: SHAMPO, Fix invalid WQ linked list unlink
(bsc#1230209).
* CVE-2024-44971: net: dsa: bcm_sf2: Fix a possible memory leak in
bcm_sf2_mdio_register() (bsc#1230211).
* CVE-2024-44984: bnxt_en: Fix double DMA unmapping for XDP_REDIRECT
(bsc#1230240).
* CVE-2024-44985: ipv6: prevent possible UAF in ip6_xmit() (bsc#1230206).
* CVE-2024-44987: ipv6: prevent UAF in ip6_send_skb() (bsc#1230185).
* CVE-2024-44988: net: dsa: mv88e6xxx: Fix out-of-bound access (bsc#1230192).
* CVE-2024-44989: bonding: fix xfrm real_dev null pointer dereference
(bsc#1230193).
* CVE-2024-44990: bonding: fix null pointer deref in bond_ipsec_offload_ok
(bsc#1230194).
* CVE-2024-44991: tcp: prevent concurrent execution of tcp_sk_exit_batch
(bsc#1230195).
* CVE-2024-44998: atm: idt77252: prevent use after free in dequeue_rx()
(bsc#1230171).
* CVE-2024-44999: gtp: pull network headers in gtp_dev_xmit() (bsc#1230233).
* CVE-2024-45002: rtla/osnoise: Prevent NULL dereference in error handling
(bsc#1230169).
* CVE-2024-45003: Don't evict inode under the inode lru traversing context
(bsc#1230245).
* CVE-2024-45013: nvme: move stopping keep-alive into nvme_uninit_ctrl()
(bsc#1230442).
* CVE-2024-45017: net/mlx5: Fix IPsec RoCE MPV trace call (bsc#1230430).
* CVE-2024-45018: netfilter: flowtable: initialise extack before use
(bsc#1230431).
* CVE-2024-45019: net/mlx5e: Take state lock during tx timeout reporter
(bsc#1230432).
* CVE-2024-45021: memcg_write_event_control(): fix a user-triggerable oops
(bsc#1230434).
* CVE-2024-45022: mm/vmalloc: fix page mapping if vm_area_alloc_pages() with
high order fallback to order 0 (bsc#1230435).
* CVE-2024-45023: md/raid1: Fix data corruption for degraded array with slow
disk (bsc#1230455).
* CVE-2024-45029: i2c: tegra: Do not mark ACPI devices as irq safe
(bsc#1230451).
* CVE-2024-45030: igb: cope with large MAX_SKB_FRAGS (bsc#1230457).
* CVE-2024-46673: scsi: aacraid: Fix double-free on probe failure
(bsc#1230506).
* CVE-2024-46677: gtp: fix a potential NULL pointer dereference (bsc#1230549).
* CVE-2024-46679: ethtool: check device is present when getting link settings
(bsc#1230556).
* CVE-2024-46686: smb/client: avoid dereferencing rdata=NULL in
smb2_new_read_req() (bsc#1230517).
* CVE-2024-46687: btrfs: fix a use-after-free when hitting errors inside
btrfs_submit_chunk() (bsc#1230518).
* CVE-2024-46691: usb: typec: ucsi: Move unregister out of atomic section
(bsc#1230526).
* CVE-2024-46692: firmware: qcom: scm: Mark get_wq_ctx() as atomic call
(bsc#1230520).
* CVE-2024-46693: kABI workaround for soc-qcom pmic_glink changes
(bsc#1230521).
* CVE-2024-46710: drm/vmwgfx: Prevent unmapping active read buffers
(bsc#1230540).
* CVE-2024-46717: net/mlx5e: SHAMPO, Fix incorrect page release (bsc#1230719).
* CVE-2024-46729: drm/amd/display: Fix incorrect size calculation for loop
(bsc#1230704).
* CVE-2024-46735: ublk_drv: fix NULL pointer dereference in
ublk_ctrl_start_recovery() (bsc#1230727).
* CVE-2024-46743: of/irq: Prevent device address out-of-bounds read in
interrupt map walk (bsc#1230756).
* CVE-2024-46751: btrfs: do not BUG_ON() when 0 reference count at
btrfs_lookup_extent_info() (bsc#1230786).
* CVE-2024-46752: btrfs: reduce nesting for extent processing at
btrfs_lookup_extent_info() (bsc#1230794).
* CVE-2024-46753: btrfs: handle errors from btrfs_dec_ref() properly
(bsc#1230796).
* CVE-2024-46772: drm/amd/display: Check denominator crb_pipes before used
(bsc#1230772).
* CVE-2024-46783: tcp_bpf: fix return value of tcp_bpf_sendmsg()
(bsc#1230810).
* CVE-2024-46787: userfaultfd: fix checks for huge PMDs (bsc#1230815).
* CVE-2024-46794: x86/tdx: Fix data leak in mmio_read() (bsc#1230825).
* CVE-2024-46822: arm64: acpi: Harden get_cpu_for_acpi_id() against missing
CPU entry (bsc#1231120).
The following non-security bugs were fixed:
* ABI: testing: fix admv8818 attr description (git-fixes).
* ACPI: CPPC: Add helper to get the highest performance value (stable-fixes).
* ACPI: CPPC: Fix MASK_VAL() usage (git-fixes).
* ACPI: PMIC: Remove unneeded check in tps68470_pmic_opregion_probe() (git-
fixes).
* ACPI: processor: Fix memory leaks in error paths of processor_add() (stable-
fixes).
* ACPI: processor: Return an error if acpi_processor_get_info() fails in
processor_add() (stable-fixes).
* ACPI: sysfs: validate return type of _STR method (git-fixes).
* ACPICA: Implement ACPI_WARNING_ONCE and ACPI_ERROR_ONCE (stable-fixes).
* ACPICA: executer/exsystem: Do not nag user about every Stall() violating the
spec (git-fixes).
* ALSA: control: Apply sanity check of input values for user elements (stable-
fixes).
* ALSA: hda/conexant: Add pincfg quirk to enable top speakers on Sirius
devices (stable-fixes).
* ALSA: hda/realtek - Fix inactive headset mic jack for ASUS Vivobook 15
X1504VAP (stable-fixes).
* ALSA: hda/realtek: Enable Mute Led for HP Victus 15-fb1xxx (stable-fixes).
* ALSA: hda/realtek: Support mute LED on HP Laptop 14-dq2xxx (stable-fixes).
* ALSA: hda/realtek: add patch for internal mic in Lenovo V145 (stable-fixes).
* ALSA: hda/realtek: extend quirks for Clevo V5[46]0 (stable-fixes).
* ALSA: hda: Add input value sanity checks to HDMI channel map controls
(stable-fixes).
* ALSA: hda: add HDMI codec ID for Intel PTL (stable-fixes).
* ALSA: hda: cs35l41: fix module autoloading (git-fixes).
* ARM: 9406/1: Fix callchain_trace() return value (git-fixes).
* ASoC: Intel: soc-acpi-cht: Make Lenovo Yoga Tab 3 X90F DMI match less strict
(stable-fixes).
* ASoC: amd: yc: Add a quirk for MSI Bravo 17 (D7VEK) (stable-fixes).
* ASoC: codecs: avoid possible garbage value in peb2466_reg_read() (git-
fixes).
* ASoC: cs42l42: Convert comma to semicolon (git-fixes).
* ASoC: dapm: Fix UAF for snd_soc_pcm_runtime object (git-fixes).
* ASoC: intel: fix module autoloading (stable-fixes).
* ASoC: meson: Remove unused declartion in header file (git-fixes).
* ASoC: meson: axg-card: fix 'use-after-free' (git-fixes).
* ASoC: rt5682: Return devm_of_clk_add_hw_provider to transfer the error (git-
fixes).
* ASoC: rt5682s: Return devm_of_clk_add_hw_provider to transfer the error
(git-fixes).
* ASoC: soc-ac97: Fix the incorrect description (git-fixes).
* ASoC: sunxi: sun4i-i2s: fix LRCLK polarity in i2s mode (git-fixes).
* ASoC: tas2781-i2c: Get the right GPIO line (git-fixes).
* ASoC: tda7419: fix module autoloading (stable-fixes).
* ASoC: tegra: Fix CBB error during probe() (git-fixes).
* ASoC: topology: Properly initialize soc_enum values (stable-fixes).
* ASoc: SOF: topology: Clear SOF link platform name upon unload (git-fixes).
* ASoc: TAS2781: replace beXX_to_cpup with get_unaligned_beXX for potentially
broken alignment (stable-fixes).
* Bluetooth: MGMT: Ignore keys being loaded with invalid type (git-fixes).
* Bluetooth: btnxpuart: Fix Null pointer dereference in btnxpuart_flush()
(stable-fixes).
* Bluetooth: btusb: Fix not handling ZPL/short-transfer (git-fixes).
* Bluetooth: hci_core: Fix sending MGMT_EV_CONNECT_FAILED (git-fixes).
* Bluetooth: hci_event: Use HCI error defines instead of magic values (stable-
fixes).
* Bluetooth: hci_sync: Add helper functions to manipulate cmd_sync queue
(stable-fixes).
* Bluetooth: hci_sync: Ignore errors from HCI_OP_REMOTE_NAME_REQ_CANCEL (git-
fixes).
* Detect memory allocation failure in annotated_source__alloc_histograms
(bsc#1227962).
* Documentation: ioctl: document 0x07 ioctl code (git-fixes).
* Drivers: hv: vmbus: Fix rescind handling in uio_hv_generic (git-fixes).
* Drivers: hv: vmbus: Fix the misplaced function description (git-fixes).
* Drop soundwire patch that caused a regression (bsc#1230350)
* HID: amd_sfh: free driver_data after destroying hid device (stable-fixes).
* HID: cougar: fix slab-out-of-bounds Read in cougar_report_fixup (stable-
fixes).
* HID: multitouch: Add support for GT7868Q (stable-fixes).
* HID: wacom: Do not warn about dropped packets for first packet (git-fixes).
* HID: wacom: Support sequence numbers smaller than 16-bit (git-fixes).
* IB/core: Fix ib_cache_setup_one error flow cleanup (git-fixes)
* Input: adp5588-keys - fix check on return code (git-fixes).
* Input: ads7846 - ratelimit the spi_sync error message (stable-fixes).
* Input: ili210x - use kvmalloc() to allocate buffer for firmware update
(stable-fixes).
* Input: ilitek_ts_i2c - avoid wrong input subsystem sync (git-fixes).
* Input: ps2-gpio - use IRQF_NO_AUTOEN flag in request_irq() (git-fixes).
* Input: synaptics - enable SMBus for HP Elitebook 840 G2 (stable-fixes).
* Input: tsc2004/5 - do not hard code interrupt trigger (git-fixes).
* Input: tsc2004/5 - fix reset handling on probe (git-fixes).
* Input: tsc2004/5 - use device core to create driver-specific device
attributes (git-fixes).
* Input: uinput - reject requests with unreasonable number of slots (stable-
fixes).
* KEYS: prevent NULL pointer dereference in find_asymmetric_key() (git-fixes).
* KVM: SVM: Do not advertise Bus Lock Detect to guest if SVM support is
missing (git-fixes).
* KVM: SVM: fix emulation of msr reads/writes of MSR_FS_BASE and MSR_GS_BASE
(git-fixes).
* KVM: arm64: Block unsafe FF-A calls from the host (git-fixes).
* KVM: arm64: Disallow copying MTE to guest memory while KVM is dirty logging
(git-fixes).
* KVM: arm64: Do not pass a TLBI level hint when zapping table entries (git-
fixes).
* KVM: arm64: Do not re-initialize the KVM lock (git-fixes).
* KVM: arm64: Invalidate EL1&0 TLB entries for all VMIDs in nvhe hyp init
(git-fixes).
* KVM: arm64: Make ICC_ _SGI_ _EL1 undef in the absence of a vGICv3 (git-
fixes).
* KVM: arm64: Release pfn, i.e. put page, if copying MTE tags hits ZONE_DEVICE
(git-fixes).
* KVM: arm64: nvhe: Ignore SVE hint in SMCCC function ID (git-fixes).
* KVM: arm64: vgic-v2: Check for non-NULL vCPU in vgic_v2_parse_attr() (git-
fixes).
* KVM: x86: Acquire kvm->srcu when handling KVM_SET_VCPU_EVENTS (git-fixes).
* Move fixes into sorted section (bsc#1230119)
* Move s390 kabi patch into the kabi section
* NFS: never reuse a NFSv4.0 lock-owner (bsc#1227726).
* NFSD: Fix frame size warning in svc_export_parse() (git-fixes).
* NFSD: Rewrite synopsis of nfsd_percpu_counters_init() (git-fixes).
* NFSv4: Add missing rescheduling points in
nfs_client_return_marked_delegations (git-fixes).
* PCI: Add missing bridge lock to pci_bus_lock() (stable-fixes).
* PCI: Wait for Link before restoring Downstream Buses (git-fixes).
* PCI: al: Check IORESOURCE_BUS existence during probe (stable-fixes).
* PCI: dra7xx: Fix error handling when IRQ request fails in probe (git-fixes).
* PCI: dra7xx: Fix threaded IRQ request for "dra7xx-pcie-main" IRQ (git-
fixes).
* PCI: dwc: Expose dw_pcie_ep_exit() to module (git-fixes).
* PCI: imx6: Fix missing call to phy_power_off() in error handling (git-
fixes).
* PCI: keystone: Add workaround for Errata #i2037 (AM65x SR 1.0) (stable-
fixes).
* PCI: keystone: Fix if-statement expression in ks_pcie_quirk() (git-fixes).
* PCI: kirin: Fix buffer overflow in kirin_pcie_parse_port() (git-fixes).
* PCI: qcom-ep: Enable controller resources like PHY only after refclk is
available (git-fixes).
* PCI: xilinx-nwl: Clean up clock on probe failure/removal (git-fixes).
* PCI: xilinx-nwl: Fix off-by-one in INTx IRQ handler (git-fixes).
* PKCS#7: Check codeSigning EKU of certificates in PKCS#7 (bsc#1226666).
* RDMA/core: Remove unused declaration rdma_resolve_ip_route() (git-fixes)
* RDMA/cxgb4: Added NULL check for lookup_atid (git-fixes)
* RDMA/efa: Properly handle unexpected AQ completions (git-fixes)
* RDMA/erdma: Return QP state in erdma_query_qp (git-fixes)
* RDMA/hns: Do not modify rq next block addr in HIP09 QPC (git-fixes)
* RDMA/hns: Fix 1bit-ECC recovery address in non-4K OS (git-fixes)
* RDMA/hns: Fix Use-After-Free of rsv_qp on HIP08 (git-fixes)
* RDMA/hns: Fix VF triggering PF reset in abnormal interrupt handler (git-
fixes)
* RDMA/hns: Fix ah error counter in sw stat not increasing (git-fixes)
* RDMA/hns: Fix restricted __le16 degrades to integer issue (git-fixes)
* RDMA/hns: Fix spin_unlock_irqrestore() called with IRQs enabled (git-fixes)
* RDMA/hns: Fix the overflow risk of hem_list_calc_ba_range() (git-fixes)
* RDMA/hns: Optimize hem allocation performance (git-fixes)
* RDMA/irdma: fix error message in irdma_modify_qp_roce() (git-fixes)
* RDMA/iwcm: Fix WARNING:at_kernel/workqueue.c:#check_flush_dependency (git-
fixes)
* RDMA/mlx5: Drop redundant work canceling from clean_keys() (git-fixes)
* RDMA/mlx5: Fix MR cache temp entries cleanup (git-fixes)
* RDMA/mlx5: Fix counter update on MR cache mkey creation (git-fixes)
* RDMA/mlx5: Limit usage of over-sized mkeys from the MR cache (git-fixes)
* RDMA/mlx5: Obtain upper net device only when needed (git-fixes)
* RDMA/rtrs-clt: Reset cid to con_num - 1 to stay in bounds (git-fixes)
* RDMA/rtrs: Reset hb_missed_cnt after receiving other traffic from peer (git-
fixes)
* Restore dropped fields for bluetooth MGMT/SMP structs (git-fixes).
* Revert "Bluetooth: MGMT/SMP: Fix address type when using SMP over BREDR/LE"
(git-fixes).
* Revert "PCI: Extend ACS configurability (bsc#1228090)." (bsc#1229019)
* Revert "drm/amdgpu: align pp_power_profile_mode with kernel docs" (stable-
fixes).
* Revert "media: tuners: fix error return code of
hybrid_tuner_request_state()" (git-fixes).
* Revert "mm, kmsan: fix infinite recursion due to RCU critical section"
(bsc#1230413)
* Revert "mm/sparsemem: fix race in accessing memory_section->usage"
(bsc#1230413)
* Revert "mm: prevent derefencing NULL ptr in pfn_section_valid()"
(bsc#1230413)
* Split kabi part of dm_blk_ioctl-implement-path-failover-for-SG_IO.patch
* Squashfs: sanity check symbolic link size (git-fixes).
* USB: class: CDC-ACM: fix race between get_serial and set_serial (git-fixes).
* USB: serial: kobil_sct: restore initial terminal settings (git-fixes).
* USB: serial: option: add MeiG Smart SRM825L (git-fixes).
* USB: serial: option: add MeiG Smart SRM825L (stable-fixes).
* USB: serial: pl2303: add device id for Macrosilicon MS3020 (stable-fixes).
* USB: usbtmc: prevent kernel-usb-infoleak (git-fixes).
* VMCI: Fix use-after-free when removing resource in vmci_resource_remove()
(git-fixes).
* afs: Do not cross .backup mountpoint from backup volume (git-fixes).
* afs: Revert "afs: Hide silly-rename files from userspace" (git-fixes).
* arm64/mm: Modify range-based tlbi to decrement scale (bsc#1229585)
* arm64/mm: Update tlb invalidation routines for FEAT_LPA2 (bsc#1229585)
* arm64: acpi: Move get_cpu_for_acpi_id() to a header (git-fixes).
* arm64: dts: allwinner: h616: Add r_i2c pinctrl nodes (git-fixes).
* arm64: dts: exynos: exynos7885-jackpotlte: Correct RAM amount to 4GB (git-
fixes).
* arm64: dts: imx8-ss-dma: Fix adc0 closing brace location (git-fixes).
* arm64: dts: rockchip: Correct the Pinebook Pro battery design capacity (git-
fixes).
* arm64: dts: rockchip: Correct vendor prefix for Hardkernel ODROID-M1 (git-
fixes).
* arm64: dts: rockchip: Raise Pinebook Pro's panel backlight PWM frequency
(git-fixes).
* arm64: dts: rockchip: fix PMIC interrupt pin in pinctrl for ROCK Pi E (git-
fixes).
* arm64: dts: rockchip: fix eMMC/SPI corruption when audio has been used on
RK3399 Puma (git-fixes).
* arm64: dts: rockchip: override BIOS_DISABLE signal via GPIO hog on RK3399
Puma (git-fixes).
* arm64: signal: Fix some under-bracketed UAPI macros (git-fixes).
* arm64: tlb: Allow range operation for MAX_TLBI_RANGE_PAGES (bsc#1229585)
* arm64: tlb: Fix TLBI RANGE operand (bsc#1229585)
* arm64: tlb: Improve __TLBI_VADDR_RANGE() (bsc#1229585)
* ata: libata-scsi: Fix ata_msense_control() CDL page reporting (git-fixes).
* ata: libata: Clear DID_TIME_OUT for ATA PT commands with sense data (git-
fixes).
* ata: libata: Fix memory leak for error path in ata_host_alloc() (git-fixes).
* ata: pata_macio: Use WARN instead of BUG (stable-fixes).
* blk-mq: add helper for checking if one CPU is mapped to specified hctx
(bsc#1223600).
* blk-mq: do not schedule block kworker on isolated CPUs (bsc#1223600).
* bpf, events: Use prog to emit ksymbol event for main program (git-fixes).
* bpf: Fix use-after-free in bpf_uprobe_multi_link_attach() (git-fixes).
* btrfs: fix race between direct IO write and fsync when using same fd (git-
fixes).
* btrfs: send: allow cloning non-aligned extent if it ends at i_size
(bsc#1230854).
* bus: integrator-lm: fix OF node leak in probe() (git-fixes).
* cachefiles: Fix non-taking of sb_writers around set/removexattr
(bsc#1231008).
* cachefiles: fix dentry leak in cachefiles_open_file() (bsc#1231183).
* can: bcm: Clear bo->bcm_proc_read after remove_proc_entry() (git-fixes).
* can: bcm: Remove proc entry when dev is unregistered (git-fixes).
* can: j1939: use correct function name in comment (git-fixes).
* can: kvaser_pciefd: Skip redundant NULL pointer check in ISR (stable-fixes).
* can: m_can: Release irq on error in m_can_open (git-fixes).
* can: m_can: enable NAPI before enabling interrupts (git-fixes).
* can: m_can: m_can_close(): stop clocks after device has been shut down (git-
fixes).
* can: mcp251x: fix deadlock if an interrupt occurs during mcp251x_open (git-
fixes).
* can: mcp251xfd: clarify the meaning of timestamp (stable-fixes).
* can: mcp251xfd: fix ring configuration when switching from CAN-CC to CAN-FD
mode (git-fixes).
* can: mcp251xfd: mcp251xfd_handle_rxif_ring_uinc(): factor out in separate
function (stable-fixes).
* can: mcp251xfd: mcp251xfd_ring_init(): check TX-coalescing configuration
(stable-fixes).
* can: mcp251xfd: move mcp251xfd_timestamp_start()/stop() into
mcp251xfd_chip_start/stop() (stable-fixes).
* can: mcp251xfd: properly indent labels (stable-fixes).
* can: mcp251xfd: rx: add workaround for erratum DS80000789E 6 of mcp2518fd
(stable-fixes).
* can: mcp251xfd: rx: prepare to workaround broken RX FIFO head index erratum
(stable-fixes).
* cdc-acm: Add DISABLE_ECHO quirk for GE HealthCare UI Controller (git-fixes).
* cdc-acm: Add DISABLE_ECHO quirk for GE HealthCare UI Controller (stable-
fixes).
* ceph: remove the incorrect Fw reference check when dirtying pages
(bsc#1231182).
* clk: Add a devm variant of clk_rate_exclusive_get() (bsc#1227885).
* clk: Provide !COMMON_CLK dummy for devm_clk_rate_exclusive_get()
(bsc#1227885).
* clk: qcom: clk-alpha-pll: Fix the pll post div mask (git-fixes).
* clk: qcom: clk-alpha-pll: Fix the trion pll postdiv set rate API (git-
fixes).
* clk: qcom: clk-alpha-pll: Fix zonda set_rate failure when PLL is disabled
(git-fixes).
* clk: qcom: gcc-sc8280xp: do not use parking clk_ops for QUPs (git-fixes).
* clk: qcom: gcc-sm8550: Do not park the USB RCG at registration time (git-
fixes).
* clk: qcom: gcc-sm8550: Do not use parking clk_ops for QUPs (git-fixes).
* clk: qcom: ipq9574: Update the alpha PLL type for GPLLs (git-fixes).
* clk: ti: dra7-atl: Fix leak of of_nodes (git-fixes).
* clocksource/drivers/imx-tpm: Fix next event not taking effect sometime (git-
fixes).
* clocksource/drivers/imx-tpm: Fix return -ETIME when delta exceeds INT_MAX
(git-fixes).
* clocksource/drivers/qcom: Add missing iounmap() on errors in
msm_dt_timer_init() (git-fixes).
* cpufreq: amd-pstate: Enable amd-pstate preferred core support (stable-
fixes).
* cpufreq: amd-pstate: fix the highest frequency issue which limits
performance (git-fixes).
* cpufreq: scmi: Avoid overflow of target_freq in fast switch (stable-fixes).
* cpufreq: ti-cpufreq: Introduce quirks to handle syscon fails appropriately
(git-fixes).
* crypto: ccp - Properly unregister /dev/sev on sev PLATFORM_STATUS failure
(git-fixes).
* crypto: ccp - do not request interrupt on cmd completion when irqs disabled
(git-fixes).
* crypto: iaa - Fix potential use after free bug (git-fixes).
* crypto: qat - fix unintentional re-enabling of error interrupts (stable-
fixes).
* crypto: xor - fix template benchmarking (git-fixes).
* cxl/core: Fix incorrect vendor debug UUID define (git-fixes).
* cxl/pci: Fix to record only non-zero ranges (git-fixes).
* devres: Initialize an uninitialized struct member (stable-fixes).
* dma-buf: heaps: Fix off-by-one in CMA heap fault handler (git-fixes).
* dma-debug: avoid deadlock between dma debug vs printk and netconsole
(stable-fixes).
* dmaengine: altera-msgdma: properly free descriptor in msgdma_free_descriptor
(stable-fixes).
* dmaengine: altera-msgdma: use irq variant of spin_lock/unlock while invoking
callbacks (stable-fixes).
* driver core: Fix a potential null-ptr-deref in module_add_driver() (git-
fixes).
* driver core: Fix error handling in driver API device_rename() (git-fixes).
* driver: iio: add missing checks on iio_info's callback access (stable-
fixes).
* drivers: media: dvb-frontends/rtl2830: fix an out-of-bounds write error
(git-fixes).
* drivers: media: dvb-frontends/rtl2832: fix an out-of-bounds write error
(git-fixes).
* drivers:drm:exynos_drm_gsc:Fix wrong assignment in gsc_bind() (git-fixes).
* drm/amd/amdgpu: Check tbo resource pointer (stable-fixes).
* drm/amd/amdgpu: Properly tune the size of struct (git-fixes).
* drm/amd/display: Add array index check for hdcp ddc access (stable-fixes).
* drm/amd/display: Add null check for set_output_gamma in
dcn30_set_output_transfer_func (git-fixes).
* drm/amd/display: Add null checks for 'stream' and 'plane' before
dereferencing (stable-fixes).
* drm/amd/display: Assign linear_pitch_alignment even for VM (stable-fixes).
* drm/amd/display: Avoid overflow from uint32_t to uint8_t (stable-fixes).
* drm/amd/display: Avoid race between dcn10_set_drr() and dc_state_destruct()
(git-fixes).
* drm/amd/display: Check BIOS images before it is used (stable-fixes).
* drm/amd/display: Check HDCP returned status (stable-fixes).
* drm/amd/display: Check UnboundedRequestEnabled's value (stable-fixes).
* drm/amd/display: Check denominator pbn_div before used (stable-fixes).
* drm/amd/display: Check gpio_id before used as array index (stable-fixes).
* drm/amd/display: Check index for aux_rd_interval before using (stable-
fixes).
* drm/amd/display: Check msg_id before processing transcation (stable-fixes).
* drm/amd/display: Check num_valid_sets before accessing reader_wm_sets[]
(stable-fixes).
* drm/amd/display: Correct the defined value for AMDGPU_DMUB_NOTIFICATION_MAX
(stable-fixes).
* drm/amd/display: Defer handling mst up request in resume (stable-fixes).
* drm/amd/display: Disable error correction if it's not supported (stable-
fixes).
* drm/amd/display: Do not use fsleep for PSR exit waits on dmub replay
(stable-fixes).
* drm/amd/display: Ensure array index tg_inst won't be -1 (stable-fixes).
* drm/amd/display: Ensure index calculation will not overflow (stable-fixes).
* drm/amd/display: Fix Coverity INTEGER_OVERFLOW within
dal_gpio_service_create (stable-fixes).
* drm/amd/display: Fix Coverity INTEGER_OVERFLOW within
decide_fallback_link_setting_max_bw_policy (stable-fixes).
* drm/amd/display: Fix Coverity INTERGER_OVERFLOW within
construct_integrated_info (stable-fixes).
* drm/amd/display: Fix FEC_READY write on DP LT (stable-fixes).
* drm/amd/display: Fix index may exceed array range within
fpu_update_bw_bounding_box (stable-fixes).
* drm/amd/display: Fix pipe addition logic in calc_blocks_to_ungate DCN35
(stable-fixes).
* drm/amd/display: Handle the case which quad_part is equal 0 (stable-fixes).
* drm/amd/display: Remove register from DCN35 DMCUB diagnostic collection
(stable-fixes).
* drm/amd/display: Replace dm_execute_dmub_cmd with
dc_wake_and_execute_dmub_cmd (git-fixes).
* drm/amd/display: Run DC_LOG_DC after checking link->link_enc (stable-fixes).
* drm/amd/display: Skip inactive planes within
ModeSupportAndSystemConfiguration (stable-fixes).
* drm/amd/display: Skip wbscl_set_scaler_filter if filter is null (stable-
fixes).
* drm/amd/display: Solve mst monitors blank out problem after resume (git-
fixes).
* drm/amd/display: Spinlock before reading event (stable-fixes).
* drm/amd/display: Stop amdgpu_dm initialize when stream nums greater than 6
(stable-fixes).
* drm/amd/display: Wake DMCUB before sending a command for replay feature
(stable-fixes).
* drm/amd/display: added NULL check at start of dc_validate_stream (stable-
fixes).
* drm/amd/display: handle nulled pipe context in DCE110's set_drr() (git-
fixes).
* drm/amd/display: use preferred link settings for dp signal only (stable-
fixes).
* drm/amd/pm: Fix negative array index read (stable-fixes).
* drm/amd/pm: check negtive return for table entries (stable-fixes).
* drm/amd/pm: check specific index for aldebaran (stable-fixes).
* drm/amd/pm: check specific index for smu13 (stable-fixes).
* drm/amd/pm: fix the Out-of-bounds read warning (stable-fixes).
* drm/amd/pm: fix uninitialized variable warning (stable-fixes).
* drm/amd/pm: fix uninitialized variable warning for smu8_hwmgr (stable-
fixes).
* drm/amd/pm: fix uninitialized variable warnings for vangogh_ppt (stable-
fixes).
* drm/amd/pm: fix uninitialized variable warnings for vega10_hwmgr (stable-
fixes).
* drm/amd/pm: fix warning using uninitialized value of max_vid_step (stable-
fixes).
* drm/amd: Add gfx12 swizzle mode defs (stable-fixes).
* drm/amdgpu/atomfirmware: Silence UBSAN warning (stable-fixes).
* drm/amdgpu/display: handle gfx12 in amdgpu_dm_plane_format_mod_supported
(stable-fixes).
* drm/amdgpu/pm: Check input value for CUSTOM profile mode setting on legacy
SOCs (stable-fixes).
* drm/amdgpu/pm: Check the return value of smum_send_msg_to_smc (stable-
fixes).
* drm/amdgpu/pm: Fix uninitialized variable agc_btc_response (stable-fixes).
* drm/amdgpu/pm: Fix uninitialized variable warning for smu10 (stable-fixes).
* drm/amdgpu/swsmu: always force a state reprogram on init (stable-fixes).
* drm/amdgpu: Fix get each xcp macro (git-fixes).
* drm/amdgpu: Fix out-of-bounds read of df_v1_7_channel_number (stable-fixes).
* drm/amdgpu: Fix out-of-bounds write warning (stable-fixes).
* drm/amdgpu: Fix smatch static checker warning (stable-fixes).
* drm/amdgpu: Fix the uninitialized variable warning (stable-fixes).
* drm/amdgpu: Fix the warning division or modulo by zero (stable-fixes).
* drm/amdgpu: Fix uninitialized variable warning in amdgpu_afmt_acr (stable-
fixes).
* drm/amdgpu: Fix uninitialized variable warning in amdgpu_info_ioctl (stable-
fixes).
* drm/amdgpu: Handle sg size limit for contiguous allocation (stable-fixes).
* drm/amdgpu: Set no_hw_access when VF request full GPU fails (stable-fixes).
* drm/amdgpu: add lock in amdgpu_gart_invalidate_tlb (stable-fixes).
* drm/amdgpu: add lock in kfd_process_dequeue_from_device (stable-fixes).
* drm/amdgpu: add missing error handling in function
amdgpu_gmc_flush_gpu_tlb_pasid (stable-fixes).
* drm/amdgpu: add skip_hw_access checks for sriov (stable-fixes).
* drm/amdgpu: align pp_power_profile_mode with kernel docs (stable-fixes).
* drm/amdgpu: avoid reading vf2pf info size from FB (stable-fixes).
* drm/amdgpu: check for LINEAR_ALIGNED correctly in check_tiling_flags_gfx6
(stable-fixes).
* drm/amdgpu: clear RB_OVERFLOW bit when enabling interrupts (stable-fixes).
* drm/amdgpu: fix a possible null pointer dereference (git-fixes).
* drm/amdgpu: fix contiguous handling for IB parsing v2 (git-fixes).
* drm/amdgpu: fix dereference after null check (stable-fixes).
* drm/amdgpu: fix mc_data out-of-bounds read warning (stable-fixes).
* drm/amdgpu: fix overflowed array index read warning (stable-fixes).
* drm/amdgpu: fix overflowed constant warning in mmhub_set_clockgating()
(stable-fixes).
* drm/amdgpu: fix the waring dereferencing hive (stable-fixes).
* drm/amdgpu: fix ucode out-of-bounds read warning (stable-fixes).
* drm/amdgpu: fix uninitialized scalar variable warning (stable-fixes).
* drm/amdgpu: handle gfx12 in amdgpu_display_verify_sizes (stable-fixes).
* drm/amdgpu: properly handle vbios fake edid sizing (git-fixes).
* drm/amdgpu: reject gang submit on reserved VMIDs (stable-fixes).
* drm/amdgpu: the warning dereferencing obj for nbio_v7_4 (stable-fixes).
* drm/amdgpu: update type of buf size to u32 for eeprom functions (stable-
fixes).
* drm/amdgu: fix Unintentional integer overflow for mall size (stable-fixes).
* drm/amdkfd: Check debug trap enable before write dbg_ev_file (stable-fixes).
* drm/amdkfd: Reconcile the definition and use of oem_id in struct
kfd_topology_device (stable-fixes).
* drm/bridge: lontium-lt8912b: Validate mode in drm_bridge_funcs::mode_valid()
(git-fixes).
* drm/bridge: tc358767: Check if fully initialized before signalling HPD event
via IRQ (stable-fixes).
* drm/drm-bridge: Drop conditionals around of_node pointers (stable-fixes).
* drm/fb-helper: Do not schedule_work() to flush frame buffer during panic()
(stable-fixes).
* drm/gpuvm: fix missing dependency to DRM_EXEC (git-fixes).
* drm/i915/fence: Mark debug_fence_free() with __maybe_unused (git-fixes).
* drm/i915/fence: Mark debug_fence_init_onstack() with __maybe_unused (git-
fixes).
* drm/i915/guc: prevent a possible int overflow in wq offsets (git-fixes).
* drm/i915: Do not attempt to load the GSC multiple times (git-fixes).
* drm/kfd: Correct pinned buffer handling at kfd restore and validate process
(stable-fixes).
* drm/mediatek: Set sensible cursor width/height values to fix crash (stable-
fixes).
* drm/mediatek: ovl_adaptor: Add missing of_node_put() (git-fixes).
* drm/meson: plane: Add error handling (stable-fixes).
* drm/msm/a5xx: disable preemption in submits by default (git-fixes).
* drm/msm/a5xx: fix races in preemption evaluation stage (git-fixes).
* drm/msm/a5xx: properly clear preemption records on resume (git-fixes).
* drm/msm/a5xx: workaround early ring-buffer emptiness check (git-fixes).
* drm/msm/adreno: Fix error return if missing firmware-name (stable-fixes).
* drm/msm/dsi: correct programming sequence for SM8350 / SM8450 (git-fixes).
* drm/msm: Fix incorrect file name output in adreno_request_fw() (git-fixes).
* drm/msm: fix %s null argument error (git-fixes).
* drm/nouveau/fb: restore init() for ramgp102 (git-fixes).
* drm/radeon/evergreen_cs: fix int overflow errors in cs track offsets (git-
fixes).
* drm/radeon: fix null pointer dereference in radeon_add_common_modes (git-
fixes).
* drm/radeon: properly handle vbios fake edid sizing (git-fixes).
* drm/rockchip: dw_hdmi: Fix reading EDID when using a forced mode (git-
fixes).
* drm/rockchip: vop: Allow 4096px width scaling (git-fixes).
* drm/rockchip: vop: clear DMA stop bit on RK3066 (git-fixes).
* drm/rockchip: vop: enable VOP_FEATURE_INTERNAL_RGB on RK3066 (git-fixes).
* drm/stm: Fix an error handling path in stm_drm_platform_probe() (git-fixes).
* drm/stm: ltdc: check memory returned by devm_kzalloc() (git-fixes).
* drm/syncobj: Fix syncobj leak in drm_syncobj_eventfd_ioctl (git-fixes).
* drm/vc4: hdmi: Handle error case of pm_runtime_resume_and_get (git-fixes).
* drm: komeda: Fix an issue related to normalized zpos (stable-fixes).
* drm: omapdrm: Add missing check for alloc_ordered_workqueue (git-fixes).
* drm: panel-orientation-quirks: Add quirk for Ayn Loki Max (stable-fixes).
* drm: panel-orientation-quirks: Add quirk for Ayn Loki Zero (stable-fixes).
* drm: panel-orientation-quirks: Add quirk for OrangePi Neo (stable-fixes).
* ep93xx: clock: Fix off by one in ep93xx_div_recalc_rate() (git-fixes).
* erofs: fix incorrect symlink detection in fast symlink (git-fixes).
* exfat: fix memory leak in exfat_load_bitmap() (git-fixes).
* fbdev: hpfb: Fix an error handling path in hpfb_dio_probe() (git-fixes).
* firmware: arm_scmi: Fix double free in OPTEE transport (git-fixes).
* firmware: tegra: bpmp: Drop unused mbox_client_to_bpmp() (git-fixes).
* firmware_loader: Block path traversal (git-fixes).
* fscache: delete fscache_cookie_lru_timer when fscache exits to avoid UAF
(bsc#1230602).
* fuse: fix memory leak in fuse_create_open (bsc#1230124).
* fuse: update stats for pages in dropped aux writeback list (bsc#1230125).
* fuse: use unsigned type for getxattr/listxattr size truncation
(bsc#1230123).
* gpio: modepin: Enable module autoloading (git-fixes).
* gpio: rockchip: fix OF node leak in probe() (git-fixes).
* hwmon: (adc128d818) Fix underflows seen when writing limit attributes
(stable-fixes).
* hwmon: (asus-ec-sensors) remove VRM temp X570-E GAMING (stable-fixes).
* hwmon: (k10temp) Check return value of amd_smn_read() (stable-fixes).
* hwmon: (lm95234) Fix underflows seen when writing limit attributes (stable-
fixes).
* hwmon: (max16065) Fix overflows seen when writing limits (git-fixes).
* hwmon: (nct6775-core) Fix underflows seen when writing limit attributes
(stable-fixes).
* hwmon: (ntc_thermistor) fix module autoloading (git-fixes).
* hwmon: (pmbus) Conditionally clear individual status bits for pmbus rev >=
1.2 (git-fixes).
* hwmon: (w83627ehf) Fix underflows seen when writing limit attributes
(stable-fixes).
* hwrng: bcm2835 - Add missing clk_disable_unprepare in bcm2835_rng_init (git-
fixes).
* hwrng: cctrng - Add missing clk_disable_unprepare in cctrng_resume (git-
fixes).
* hwrng: mtk - Use devm_pm_runtime_enable (git-fixes).
* i2c: aspeed: Update the stop sw state when the bus recovery occurs (git-
fixes).
* i2c: designware: fix controller is holding SCL low while ENABLE bit is
disabled (git-fixes).
* i2c: isch: Add missed 'else' (git-fixes).
* i2c: qcom-geni: Use IRQF_NO_AUTOEN flag in request_irq() (git-fixes).
* i2c: xiic: Wait for TX empty to avoid missed TX NAKs (git-fixes).
* i3c: master: svc: Fix use after free vulnerability in svc_i3c_master Driver
Due to Race Condition (git-fixes).
* i3c: mipi-i3c-hci: Error out instead on BUG_ON() in IBI DMA setup (stable-
fixes).
* iio: adc: ad7124: fix chip ID mismatch (git-fixes).
* iio: adc: ad7124: fix config comparison (git-fixes).
* iio: adc: ad7606: fix oversampling gpio array (git-fixes).
* iio: adc: ad7606: fix standby gpio state to match the documentation (git-
fixes).
* iio: adc: ad7606: remove frstdata check for serial mode (git-fixes).
* iio: buffer-dmaengine: fix releasing dma channel on error (git-fixes).
* iio: chemical: bme680: Fix read/write ops to device by adding mutexes (git-
fixes).
* iio: fix scale application in iio_convert_raw_to_processed_unlocked (git-
fixes).
* iio: magnetometer: ak8975: Fix reading for ak099xx sensors (git-fixes).
* ipmi: docs: do not advertise deprecated sysfs entries (git-fixes).
* ipmi:ssif: Improve detecting during probing (bsc#1228771)
* ipmi:ssif: Improve detecting during probing (bsc#1228771) Move patch into
the sorted section.
* ipv6: fix possible UAF in ip6_finish_output2() (bsc#1230206)
* jfs: fix out-of-bounds in dbNextAG() and diAlloc() (git-fixes).
* kABI workaround for cros_ec stuff (git-fixes).
* kABI: Split kABI out of 'io_uring/kbuf: get rid of bl->is_ready'
* kABI: Split kABI out of 'io_uring: Re-add dummy_ubuf for kABI purposes'
* kABI: Split kABI out of io_uring/kbuf: protect io_buffer_list teardown with
a reference
* kabi: dm_blk_ioctl: implement path failover for SG_IO (bsc#1183045,
bsc#1216776).
* kselftests: dmabuf-heaps: Ensure the driver name is null-terminated (stable-
fixes).
* kthread: Fix task state in kthread worker if being frozen (bsc#1231146).
* leds: spi-byte: Call of_node_put() on error path (stable-fixes).
* lib/generic-radix-tree.c: Fix rare race in __genradix_ptr_alloc() (stable-
fixes).
* lirc: rc_dev_get_from_fd(): fix file leak (git-fixes).
* mailbox: bcm2835: Fix timeout during suspend mode (git-fixes).
* mailbox: rockchip: fix a typo in module autoloading (git-fixes).
* media: i2c: ar0521: Use cansleep version of gpiod_set_value() (git-fixes).
* media: ov5675: Fix power on/off delay timings (git-fixes).
* media: platform: rzg2l-cru: rzg2l-csi2: Add missing MODULE_DEVICE_TABLE
(git-fixes).
* media: qcom: camss: Add check for v4l2_fwnode_endpoint_parse (stable-fixes).
* media: qcom: camss: Remove use_count guard in stop_streaming (git-fixes).
* media: sun4i_csi: Implement link validate for sun4i_csi subdev (git-fixes).
* media: uapi/linux/cec.h: cec_msg_set_reply_to: zero flags (git-fixes).
* media: uvcvideo: Enforce alignment of frame and interval (stable-fixes).
* media: venus: fix use after free bug in venus_remove due to race condition
(git-fixes).
* media: vicodec: allow en/decoder cmd w/o CAPTURE (git-fixes).
* media: vivid: do not set HDMI TX controls if there are no HDMI outputs
(stable-fixes).
* media: vivid: fix wrong sizeimage value for mplane (stable-fixes).
* memory: mtk-smi: Use devm_clk_get_enabled() (git-fixes).
* memory: tegra186-emc: drop unused to_tegra186_emc() (git-fixes).
* minmax: reduce min/max macro expansion in atomisp driver (git-fixes).
* misc: fastrpc: Fix double free of 'buf' in error path (git-fixes).
* mmc: core: apply SD quirks earlier during probe (git-fixes).
* mmc: cqhci: Fix checking of CQHCI_HALT state (git-fixes).
* mmc: dw_mmc: Fix IDMAC operation with pages bigger than 4K (git-fixes).
* mmc: sdhci-of-aspeed: fix module autoloading (git-fixes).
* module: Fix KCOV-ignored file name (git-fixes).
* mtd: powernv: Add check devm_kasprintf() returned value (git-fixes).
* mtd: slram: insert break after errors in parsing the map (git-fixes).
* net: mana: Fix error handling in mana_create_txq/rxq's NAPI cleanup (git-
fixes).
* net: phy: Fix missing of_node_put() for leds (git-fixes).
* net: phy: vitesse: repair vsc73xx autonegotiation (stable-fixes).
* net: tighten bad gso csum offset check in virtio_net_hdr (git-fixes).
* net: usb: qmi_wwan: add MeiG Smart SRM825L (stable-fixes).
* nfsd: Do not leave work of closing files to a work queue (bsc#1228140).
* nilfs2: determine empty node blocks as corrupted (git-fixes).
* nilfs2: fix missing cleanup on rollforward recovery error (git-fixes).
* nilfs2: fix potential null-ptr-deref in nilfs_btree_insert() (git-fixes).
* nilfs2: fix potential oob read in nilfs_btree_check_delete() (git-fixes).
* nilfs2: fix state management in error path of log writing function (git-
fixes).
* nilfs2: protect references to superblock parameters exposed in sysfs (git-
fixes).
* nouveau: fix the fwsec sb verification register (git-fixes).
* nvme-multipath: avoid hang on inaccessible namespaces (bsc#1228244).
* nvme-multipath: system fails to create generic nvme device (bsc#1228244).
* nvme-pci: Add sleep quirk for Samsung 990 Evo (git-fixes).
* nvme-pci: allocate tagset on reset if necessary (git-fixes).
* nvme-tcp: fix link failure for TCP auth (git-fixes).
* nvme/pci: Add APST quirk for Lenovo N60z laptop (git-fixes).
* nvme: clear caller pointer on identify failure (git-fixes).
* nvme: fix namespace removal list (git-fixes).
* nvmet-rdma: fix possible bad dereference when freeing rsps (git-fixes).
* nvmet-tcp: do not continue for invalid icreq (git-fixes).
* nvmet-tcp: fix kernel crash if commands allocation fails (git-fixes).
* nvmet-trace: avoid dereferencing pointer too early (git-fixes).
* nvmet: Identify-Active Namespace ID List command should reject invalid nsid
(git-fixes).
* ocfs2: cancel dqi_sync_work before freeing oinfo (git-fixes).
* ocfs2: fix null-ptr-deref when journal load failed (git-fixes).
* ocfs2: fix possible null-ptr-deref in ocfs2_set_buffer_uptodate (git-fixes).
* ocfs2: remove unreasonable unlock in ocfs2_read_blocks (git-fixes).
* pci/hotplug/pnv_php: Fix hotplug driver crash on Powernv (stable-fixes).
* pcmcia: Use resource_size function on resource object (stable-fixes).
* perf annotate: Introduce global annotation_options (git-fixes).
* perf annotate: Split branch stack cycles information out of 'struct
annotation_line' (git-fixes).
* perf annotate: Use global annotation_options (git-fixes).
* perf arch events: Fix duplicate RISC-V SBI firmware event name (git-fixes).
* perf intel-pt: Fix aux_watermark calculation for 64-bit size (git-fixes).
* perf intel-pt: Fix exclude_guest setting (git-fixes).
* perf machine thread: Remove exited threads by default (git-fixes).
* perf maps: Move symbol maps functions to maps.c (git-fixes).
* perf pmu: Assume sysfs events are always the same case (git-fixes).
* perf pmus: Fixes always false when compare duplicates aliases (git-fixes).
* perf record: Lazy load kernel symbols (git-fixes).
* perf report: Convert to the global annotation_options (git-fixes).
* perf report: Fix condition in sort__sym_cmp() (git-fixes).
* perf stat: Fix the hard-coded metrics calculation on the hybrid (git-fixes).
* perf test: Make test_arm_callgraph_fp.sh more robust (git-fixes).
* perf tool: fix dereferencing NULL al->maps (git-fixes).
* perf tools: Add/use PMU reverse lookup from config to name (git-fixes).
* perf tools: Use pmus to describe type from attribute (git-fixes).
* perf top: Convert to the global annotation_options (git-fixes).
* perf/core: Fix missing wakeup when waiting for context reference (git-
fixes).
* perf/x86/intel/cstate: Add pkg C2 residency counter for Sierra Forest (git-
fixes).
* perf/x86/intel/cstate: Fix Alderlake/Raptorlake/Meteorlake (git-fixes).
* perf/x86/intel/ds: Fix non 0 retire latency on Raptorlake (git-fixes).
* perf/x86/intel/pt: Fix a topa_entry base address calculation (git-fixes).
* perf/x86/intel/pt: Fix pt_topa_entry_for_page() address calculation (git-
fixes).
* perf/x86/intel/pt: Fix topa_entry base length (git-fixes).
* perf/x86/intel/uncore: Fix the bits of the CHA extended umask for SPR (git-
fixes).
* perf/x86/intel/uncore: Support HBM and CXL PMON counters (bsc#1230119).
* perf/x86/intel: Add a distinct name for Granite Rapids (git-fixes).
* perf/x86/intel: Factor out the initialization code for SPR (git fixes).
* perf/x86/intel: Limit the period on Haswell (git-fixes).
* perf/x86/intel: Use the common uarch name for the shared functions (git
fixes).
* perf/x86/uncore: Apply the unit control RB tree to MMIO uncore units
(bsc#1230119).
* perf/x86/uncore: Apply the unit control RB tree to MSR uncore units
(bsc#1230119).
* perf/x86/uncore: Apply the unit control RB tree to PCI uncore units
(bsc#1230119).
* perf/x86/uncore: Cleanup unused unit structure (bsc#1230119).
* perf/x86/uncore: Retrieve the unit ID from the unit control RB tree
(bsc#1230119).
* perf/x86/uncore: Save the unit control address of all units (bsc#1230119).
* perf/x86/uncore: Support per PMU cpumask (bsc#1230119).
* perf/x86: Fix smp_processor_id()-in-preemptible warnings (git-fixes).
* perf/x86: Serialize set_attr_rdpmc() (git-fixes).
* perf: Fix default aux_watermark calculation (git-fixes).
* perf: Fix event leak upon exit (git-fixes).
* perf: Fix perf_aux_size() for greater-than 32-bit size (git-fixes).
* perf: Prevent passing zero nr_pages to rb_alloc_aux() (git-fixes).
* perf: script: add raw|disasm arguments to --insn-trace option (git-fixes).
* phy: zynqmp: Take the phy mutex in xlate (stable-fixes).
* pinctrl: at91: make it work with current gpiolib (stable-fixes).
* pinctrl: meteorlake: Add Arrow Lake-H/U ACPI ID (stable-fixes).
* pinctrl: single: fix missing error code in pcs_probe() (git-fixes).
* platform/chrome: cros_ec_lpc: MEC access can use an AML mutex (stable-
fixes).
* platform/surface: aggregator_registry: Add Support for Surface Pro 10
(stable-fixes).
* platform/surface: aggregator_registry: Add support for Surface Laptop Go 3
(stable-fixes).
* platform/x86: dell-smbios: Fix error path in dell_smbios_init() (git-fixes).
* platform/x86: panasonic-laptop: Allocate 1 entry extra in the sinf array
(git-fixes).
* platform/x86: panasonic-laptop: Fix SINF array out of bounds accesses (git-
fixes).
* platform/x86: x86-android-tablets: Make Lenovo Yoga Tab 3 X90F DMI match
less strict (stable-fixes).
* power: supply: Drop use_cnt check from power_supply_property_is_writeable()
(git-fixes).
* power: supply: axp20x_battery: Remove design from min and max voltage (git-
fixes).
* power: supply: hwmon: Fix missing temp1_max_alarm attribute (git-fixes).
* power: supply: max17042_battery: Fix SOC threshold calc w/ no current sense
(git-fixes).
* powercap/intel_rapl: Add support for AMD family 1Ah (stable-fixes).
* powerpc/qspinlock: Fix deadlock in MCS queue (bac#1230295 ltc#206656).
* pwm: xilinx: Fix u32 overflow issue in 32-bit width PWM mode (stable-fixes).
* r8152: add vendor/device ID pair for D-Link DUB-E250 (git-fixes).
* regmap: maple: work around gcc-14.1 false-positive warning (stable-fixes).
* regmap: spi: Fix potential off-by-one when calculating reserved size
(stable-fixes).
* regulator: Return actual error in of_regulator_bulk_get_all() (git-fixes).
* regulator: core: Fix regulator_is_supported_voltage() kerneldoc return value
(git-fixes).
* regulator: core: Fix short description for _regulator_check_status_enabled()
(git-fixes).
* regulator: core: Stub devm_regulator_bulk_get_const() if !CONFIG_REGULATOR
(git-fixes).
* regulator: rt5120: Convert comma to semicolon (git-fixes).
* regulator: wm831x-isink: Convert comma to semicolon (git-fixes).
* remoteproc: imx_rproc: Correct ddr alias for i.MX8M (git-fixes).
* remoteproc: imx_rproc: Initialize workqueue earlier (git-fixes).
* remoteproc: k3-r5: Fix error handling when power-up failed (git-fixes).
* reset: berlin: fix OF node leak in probe() error path (git-fixes).
* reset: k210: fix OF node leak in probe() error path (git-fixes).
* resource: fix region_intersects() vs add_memory_driver_managed() (git-
fixes).
* rpm/check-for-config-changes: Exclude ARCH_USING_PATCHABLE_FUNCTION_ENTRY
gcc version dependent, at least on ppc
* rtc: at91sam9: fix OF node leak in probe() error path (git-fixes).
* s390/dasd: Fix redundant /proc/dasd* entries removal (bsc#1227694).
* s390/dasd: Remove DMA alignment (LTC#208933 bsc#1230426 git-fixes).
* s390/mm: Convert gmap_make_secure to use a folio (git-fixes bsc#1230562).
* s390/mm: Convert make_page_secure to use a folio (git-fixes bsc#1230563).
* s390: allow pte_offset_map_lock() to fail (git-fixes bsc#1230564).
* scripts: kconfig: merge_config: config files: add a trailing newline
(stable-fixes).
* scripts: sphinx-pre-install: remove unnecessary double check for
$cur_version (git-fixes).
* scsi: ibmvfc: Add max_sectors module parameter (bsc#1216223).
* scsi: lpfc: Change diagnostic log flag during receipt of unknown ELS cmds
(bsc#1229429 jsc#PED-9899).
* scsi: lpfc: Fix overflow build issue (bsc#1229429 jsc#PED-9899).
* scsi: lpfc: Fix unintentional double clearing of vmid_flag (bsc#1229429
jsc#PED-9899).
* scsi: lpfc: Fix unsolicited FLOGI kref imbalance when in direct attached
topology (bsc#1229429 jsc#PED-9899).
* scsi: lpfc: Remove redundant vport assignment when building an abort request
(bsc#1229429 jsc#PED-9899).
* scsi: lpfc: Update PRLO handling in direct attached topology (bsc#1229429
jsc#PED-9899).
* scsi: lpfc: Update lpfc version to 14.4.0.4 (bsc#1229429 jsc#PED-9899).
* scsi: lpfc: Validate hdwq pointers before dereferencing in reset/errata
paths (bsc#1229429 jsc#PED-9899).
* scsi: sd: Fix off-by-one error in sd_read_block_characteristics()
(bsc#1223848).
* selftests: lib: remove strscpy test (git-fixes).
* selinux,smack: do not bypass permissions check in inode_setsecctx hook
(stable-fixes).
* soc: fsl: cpm1: tsa: Fix tsa_write8() (git-fixes).
* soc: versatile: integrator: fix OF node leak in probe() error path (git-
fixes).
* spi: atmel-quadspi: Avoid overwriting delay register settings (git-fixes).
* spi: atmel-quadspi: Undo runtime PM changes at driver exit time (git-fixes).
* spi: bcm63xx: Enable module autoloading (stable-fixes).
* spi: bcm63xx: Fix module autoloading (git-fixes).
* spi: meson-spicc: convert comma to semicolon (git-fixes).
* spi: nxp-fspi: fix the KASAN report out-of-bounds bug (git-fixes).
* spi: ppc4xx: Avoid returning 0 when failed to parse and map IRQ (git-fixes).
* spi: ppc4xx: handle irq_of_parse_and_map() errors (git-fixes).
* spi: rockchip: Resolve unbalanced runtime PM / system PM handling (git-
fixes).
* spi: rpc-if: Add missing MODULE_DEVICE_TABLE (git-fixes).
* spi: spi-fsl-lpspi: Undo runtime PM changes at driver exit time (git-fixes).
* spi: spidev: Add an entry for elgin,jg10309-01 (stable-fixes).
* spi: spidev: Add missing spi_device_id for jg10309-01 (git-fixes).
* staging: iio: frequency: ad9834: Validate frequency parameter value (git-
fixes).
* supported.conf: mark adiantum and xctr crypto modules as supported
(bsc#1231035)
* thunderbolt: Fix XDomain rx_lanes_show and tx_lanes_show (git-fixes).
* thunderbolt: Fix calculation of consumed USB3 bandwidth on a path (git-
fixes).
* thunderbolt: Fix rollback in tb_port_lane_bonding_enable() for lane 1 (git-
fixes).
* thunderbolt: There are only 5 basic router registers in pre-USB4 routers
(git-fixes).
* tomoyo: fallback to realpath if symlink's pathname does not exist (git-
fixes).
* tools/perf: Fix the string match for "/tmp/perf-$PID.map" files in dso__load
(git-fixes).
* tpm: Clean up TPM space after command failure (git-fixes).
* tracing: Avoid possible softlockup in tracing_iter_reset() (git-fixes).
* tty: rp2: Fix reset with non forgiving PCIe host bridges (git-fixes).
* uio_hv_generic: Fix kernel NULL pointer dereference in hv_uio_rescind (git-
fixes).
* usb: cdnsp: Fix incorrect usb_request status (git-fixes).
* usb: dwc2: Skip clock gating on Broadcom SoCs (git-fixes).
* usb: dwc2: drd: fix clock gating on USB role switch (git-fixes).
* usb: dwc3: Avoid waking up gadget during startxfer (git-fixes).
* usb: dwc3: core: Prevent USB core invalid event buffer address access (git-
fixes).
* usb: dwc3: core: Prevent USB core invalid event buffer address access
(stable-fixes).
* usb: dwc3: core: update LC timer as per USB Spec V3.2 (stable-fixes).
* usb: gadget: aspeed_udc: validate endpoint index for ast udc (stable-fixes).
* usb: typec: ucsi: Fix null pointer dereference in trace (stable-fixes).
* usb: typec: ucsi: Wait 20ms before reading CCI after a reset (git-fixes).
* usb: uas: set host status byte on data completion error (stable-fixes).
* usbip: Do not submit special requests twice (stable-fixes).
* usbnet: ipheth: add CDC NCM support (git-fixes).
* usbnet: ipheth: do not stop RX on failing RX callback (git-fixes).
* usbnet: ipheth: drop RX URBs with no payload (git-fixes).
* usbnet: ipheth: fix carrier detection in modes 1 and 4 (git-fixes).
* usbnet: ipheth: fix risk of NULL pointer deallocation (git-fixes).
* usbnet: ipheth: race between ipheth_close and error handling (stable-fixes).
* usbnet: ipheth: remove extraneous rx URB length check (git-fixes).
* usbnet: ipheth: transmit URBs without trailing padding (git-fixes).
* usbnet: modern method to get random MAC (git-fixes).
* virtio-net: synchronize probe with ndo_set_features (git-fixes).
* virtio_net: Fix napi_skb_cache_put warning (git-fixes).
* virtio_net: fixing XDP for fully checksummed packets handling (git-fixes).
* watchdog: imx_sc_wdt: Do not disable WDT in suspend (git-fixes).
* wifi: ath11k: initialize 'ret' in ath11k_qmi_load_file_target_mem() (stable-
fixes).
* wifi: ath12k: fix BSS chan info request WMI command (git-fixes).
* wifi: ath12k: fix firmware crash due to invalid peer nss (stable-fixes).
* wifi: ath12k: fix invalid AMPDU factor calculation in
ath12k_peer_assoc_h_he() (git-fixes).
* wifi: ath12k: fix uninitialize symbol error on ath12k_peer_assoc_h_he()
(stable-fixes).
* wifi: ath12k: initialize 'ret' in ath12k_dp_rxdma_ring_sel_config_wcn7850()
(stable-fixes).
* wifi: ath12k: initialize 'ret' in ath12k_qmi_load_file_target_mem() (stable-
fixes).
* wifi: ath12k: match WMI BSS chan info structure with firmware definition
(git-fixes).
* wifi: ath9k: Remove error checks when creating debugfs entries (git-fixes).
* wifi: brcmfmac: introducing fwil query functions (git-fixes).
* wifi: brcmsmac: advertise MFP_CAPABLE to enable WPA3 (stable-fixes).
* wifi: cfg80211: fix UBSAN noise in cfg80211_wext_siwscan() (git-fixes).
* wifi: cfg80211: fix bug of mapping AF3x to incorrect User Priority (git-
fixes).
* wifi: cfg80211: fix two more possible UBSAN-detected off-by-one errors (git-
fixes).
* wifi: cfg80211: make hash table duplicates more survivable (stable-fixes).
* wifi: cfg80211: restrict operation during radar detection (stable-fixes).
* wifi: iwlwifi: clear trans->state earlier upon error (stable-fixes).
* wifi: iwlwifi: lower message level for FW buffer destination (stable-fixes).
* wifi: iwlwifi: mvm: do not wait for tx queues if firmware is dead (stable-
fixes).
* wifi: iwlwifi: mvm: fix iwl_mvm_max_scan_ie_fw_cmd_room() (stable-fixes).
* wifi: iwlwifi: mvm: fix iwl_mvm_scan_fits() calculation (stable-fixes).
* wifi: iwlwifi: mvm: increase the time between ranging measurements (git-
fixes).
* wifi: iwlwifi: mvm: pause TCM when the firmware is stopped (stable-fixes).
* wifi: iwlwifi: mvm: use IWL_FW_CHECK for link ID check (stable-fixes).
* wifi: mac80211: check ieee80211_bss_info_change_notify() against MLD
(stable-fixes).
* wifi: mac80211: do not use rate mask for offchannel TX either (git-fixes).
* wifi: mac80211: fix the comeback long retry times (git-fixes).
* wifi: mac80211: free skb on error path in ieee80211_beacon_get_ap() (stable-
fixes).
* wifi: mac80211: use two-phase skb reclamation in ieee80211_do_stop() (git-
fixes).
* wifi: mt76: connac: fix checksum offload fields of connac3 RXD (git-fixes).
* wifi: mt76: mt7603: fix mixed declarations and code (git-fixes).
* wifi: mt76: mt7615: check devm_kasprintf() returned value (git-fixes).
* wifi: mt76: mt7915: check devm_kasprintf() returned value (git-fixes).
* wifi: mt76: mt7915: fix oops on non-dbdc mt7986 (git-fixes).
* wifi: mt76: mt7915: fix rx filter setting for bfee functionality (git-
fixes).
* wifi: mt76: mt7921: Check devm_kasprintf() returned value (git-fixes).
* wifi: mt76: mt7921: fix NULL pointer access in mt7921_ipv6_addr_change
(stable-fixes).
* wifi: mt76: mt7921: fix wrong UNII-4 freq range check for the channel usage
(git-fixes).
* wifi: mt76: mt7925: fix a potential array-index-out-of-bounds issue for clc
(git-fixes).
* wifi: mt76: mt7996: fix EHT beamforming capability check (git-fixes).
* wifi: mt76: mt7996: fix HE and EHT beamforming capabilities (git-fixes).
* wifi: mt76: mt7996: fix NULL pointer dereference in mt7996_mcu_sta_bfer_he
(git-fixes).
* wifi: mt76: mt7996: fix traffic delay when switching back to working channel
(git-fixes).
* wifi: mt76: mt7996: fix uninitialized TLV data (git-fixes).
* wifi: mt76: mt7996: fix wmm set of station interface to 3 (git-fixes).
* wifi: mt76: mt7996: use hweight16 to get correct tx antenna (git-fixes).
* wifi: mwifiex: Do not return unused priv in mwifiex_get_priv_by_id()
(stable-fixes).
* wifi: rtw88: 8822c: Fix reported RX band width (git-fixes).
* wifi: rtw88: always wait for both firmware loading attempts (git-fixes).
* wifi: rtw88: remove CPT execution branch never used (git-fixes).
* wifi: rtw88: usb: schedule rx work after everything is set up (stable-
fixes).
* wifi: rtw89: ser: avoid multiple deinit on same CAM (stable-fixes).
* wifi: rtw89: wow: prevent to send unexpected H2C during download Firmware
(stable-fixes).
* wifi: wilc1000: fix potential RCU dereference issue in
wilc_parse_join_bss_param (git-fixes).
* x86/hyperv: fix kexec crash due to VP assist page corruption (git-fixes).
* x86/kaslr: Expose and use the end of the physical memory address space
(bsc#1229443).
* x86/kexec: Add EFI config table identity mapping for kexec kernel
(bsc#1220382).
* x86/mm/ident_map: Use gbpages only where full GB page should be mapped
(bsc#1220382).
* x86/mm: Use lookup_address_in_pgd_attr() in show_fault_oops() (bsc#1221527).
* x86/pat: Fix W^X violation false-positives when running as Xen PV guest
(bsc#1221527).
* x86/pat: Introduce lookup_address_in_pgd_attr() (bsc#1221527).
* x86/pat: Restructure _lookup_address_cpa() (bsc#1221527).
* xen/swiotlb: add alignment check for dma buffers (bsc#1229928).
* xen/swiotlb: fix allocated size (git-fixes).
* xen: add capability to remap non-RAM pages to different PFNs (bsc#1226003).
* xen: allow mapping ACPI data using a different physical address
(bsc#1226003).
* xen: introduce generic helper checking for memory map conflicts
(bsc#1226003).
* xen: move checks for e820 conflicts further up (bsc#1226003).
* xen: move max_pfn in xen_memory_setup() out of function scope (bsc#1226003).
* xen: tolerate ACPI NVS memory overlapping with Xen allocated memory
(bsc#1226003).
* xen: use correct end address of kernel for conflict checking (bsc#1226003).
* xfs: restrict when we try to align cow fork delalloc to cowextsz hints (git-
fixes).
* xhci: Set quirky xHC PCI hosts to D3 _after_ stopping and freeing them (git-
fixes).
* xz: cleanup CRC32 edits from 2018 (git-fixes).
## Special Instructions and Notes:
* Please reboot the system after installing this update.
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2024-3551=1 SUSE-2024-3551=1
* Public Cloud Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP6-2024-3551=1
## Package List:
* openSUSE Leap 15.6 (aarch64 x86_64)
* cluster-md-kmp-azure-debuginfo-6.4.0-150600.8.14.1
* kernel-azure-debuginfo-6.4.0-150600.8.14.1
* kernel-syms-azure-6.4.0-150600.8.14.1
* ocfs2-kmp-azure-6.4.0-150600.8.14.1
* reiserfs-kmp-azure-6.4.0-150600.8.14.1
* dlm-kmp-azure-debuginfo-6.4.0-150600.8.14.1
* ocfs2-kmp-azure-debuginfo-6.4.0-150600.8.14.1
* kernel-azure-optional-debuginfo-6.4.0-150600.8.14.1
* cluster-md-kmp-azure-6.4.0-150600.8.14.1
* kernel-azure-extra-debuginfo-6.4.0-150600.8.14.1
* kernel-azure-optional-6.4.0-150600.8.14.1
* kernel-azure-extra-6.4.0-150600.8.14.1
* gfs2-kmp-azure-debuginfo-6.4.0-150600.8.14.1
* dlm-kmp-azure-6.4.0-150600.8.14.1
* kernel-azure-livepatch-devel-6.4.0-150600.8.14.1
* kselftests-kmp-azure-6.4.0-150600.8.14.1
* kselftests-kmp-azure-debuginfo-6.4.0-150600.8.14.1
* kernel-azure-devel-6.4.0-150600.8.14.1
* kernel-azure-devel-debuginfo-6.4.0-150600.8.14.1
* gfs2-kmp-azure-6.4.0-150600.8.14.1
* kernel-azure-debugsource-6.4.0-150600.8.14.1
* reiserfs-kmp-azure-debuginfo-6.4.0-150600.8.14.1
* openSUSE Leap 15.6 (aarch64 nosrc x86_64)
* kernel-azure-6.4.0-150600.8.14.1
* openSUSE Leap 15.6 (x86_64)
* kernel-azure-vdso-debuginfo-6.4.0-150600.8.14.1
* kernel-azure-vdso-6.4.0-150600.8.14.1
* openSUSE Leap 15.6 (noarch)
* kernel-devel-azure-6.4.0-150600.8.14.1
* kernel-source-azure-6.4.0-150600.8.14.1
* Public Cloud Module 15-SP6 (aarch64 nosrc x86_64)
* kernel-azure-6.4.0-150600.8.14.1
* Public Cloud Module 15-SP6 (aarch64 x86_64)
* kernel-azure-devel-6.4.0-150600.8.14.1
* kernel-azure-debuginfo-6.4.0-150600.8.14.1
* kernel-azure-devel-debuginfo-6.4.0-150600.8.14.1
* kernel-azure-debugsource-6.4.0-150600.8.14.1
* kernel-syms-azure-6.4.0-150600.8.14.1
* Public Cloud Module 15-SP6 (noarch)
* kernel-devel-azure-6.4.0-150600.8.14.1
* kernel-source-azure-6.4.0-150600.8.14.1
## References:
* https://www.suse.com/security/cve/CVE-2023-52610.html
* https://www.suse.com/security/cve/CVE-2023-52752.html
* https://www.suse.com/security/cve/CVE-2023-52915.html
* https://www.suse.com/security/cve/CVE-2023-52916.html
* https://www.suse.com/security/cve/CVE-2024-26640.html
* https://www.suse.com/security/cve/CVE-2024-26759.html
* https://www.suse.com/security/cve/CVE-2024-26804.html
* https://www.suse.com/security/cve/CVE-2024-36953.html
* https://www.suse.com/security/cve/CVE-2024-38538.html
* https://www.suse.com/security/cve/CVE-2024-38596.html
* https://www.suse.com/security/cve/CVE-2024-38632.html
* https://www.suse.com/security/cve/CVE-2024-40965.html
* https://www.suse.com/security/cve/CVE-2024-40973.html
* https://www.suse.com/security/cve/CVE-2024-40983.html
* https://www.suse.com/security/cve/CVE-2024-42154.html
* https://www.suse.com/security/cve/CVE-2024-42243.html
* https://www.suse.com/security/cve/CVE-2024-42252.html
* https://www.suse.com/security/cve/CVE-2024-42265.html
* https://www.suse.com/security/cve/CVE-2024-42294.html
* https://www.suse.com/security/cve/CVE-2024-42304.html
* https://www.suse.com/security/cve/CVE-2024-42305.html
* https://www.suse.com/security/cve/CVE-2024-42306.html
* https://www.suse.com/security/cve/CVE-2024-43828.html
* https://www.suse.com/security/cve/CVE-2024-43832.html
* https://www.suse.com/security/cve/CVE-2024-43835.html
* https://www.suse.com/security/cve/CVE-2024-43845.html
* https://www.suse.com/security/cve/CVE-2024-43870.html
* https://www.suse.com/security/cve/CVE-2024-43890.html
* https://www.suse.com/security/cve/CVE-2024-43898.html
* https://www.suse.com/security/cve/CVE-2024-43904.html
* https://www.suse.com/security/cve/CVE-2024-43914.html
* https://www.suse.com/security/cve/CVE-2024-44935.html
* https://www.suse.com/security/cve/CVE-2024-44944.html
* https://www.suse.com/security/cve/CVE-2024-44946.html
* https://www.suse.com/security/cve/CVE-2024-44947.html
* https://www.suse.com/security/cve/CVE-2024-44948.html
* https://www.suse.com/security/cve/CVE-2024-44950.html
* https://www.suse.com/security/cve/CVE-2024-44951.html
* https://www.suse.com/security/cve/CVE-2024-44952.html
* https://www.suse.com/security/cve/CVE-2024-44954.html
* https://www.suse.com/security/cve/CVE-2024-44960.html
* https://www.suse.com/security/cve/CVE-2024-44961.html
* https://www.suse.com/security/cve/CVE-2024-44962.html
* https://www.suse.com/security/cve/CVE-2024-44965.html
* https://www.suse.com/security/cve/CVE-2024-44967.html
* https://www.suse.com/security/cve/CVE-2024-44969.html
* https://www.suse.com/security/cve/CVE-2024-44970.html
* https://www.suse.com/security/cve/CVE-2024-44971.html
* https://www.suse.com/security/cve/CVE-2024-44977.html
* https://www.suse.com/security/cve/CVE-2024-44982.html
* https://www.suse.com/security/cve/CVE-2024-44984.html
* https://www.suse.com/security/cve/CVE-2024-44985.html
* https://www.suse.com/security/cve/CVE-2024-44986.html
* https://www.suse.com/security/cve/CVE-2024-44987.html
* https://www.suse.com/security/cve/CVE-2024-44988.html
* https://www.suse.com/security/cve/CVE-2024-44989.html
* https://www.suse.com/security/cve/CVE-2024-44990.html
* https://www.suse.com/security/cve/CVE-2024-44991.html
* https://www.suse.com/security/cve/CVE-2024-44997.html
* https://www.suse.com/security/cve/CVE-2024-44998.html
* https://www.suse.com/security/cve/CVE-2024-44999.html
* https://www.suse.com/security/cve/CVE-2024-45000.html
* https://www.suse.com/security/cve/CVE-2024-45001.html
* https://www.suse.com/security/cve/CVE-2024-45002.html
* https://www.suse.com/security/cve/CVE-2024-45003.html
* https://www.suse.com/security/cve/CVE-2024-45005.html
* https://www.suse.com/security/cve/CVE-2024-45006.html
* https://www.suse.com/security/cve/CVE-2024-45007.html
* https://www.suse.com/security/cve/CVE-2024-45008.html
* https://www.suse.com/security/cve/CVE-2024-45011.html
* https://www.suse.com/security/cve/CVE-2024-45012.html
* https://www.suse.com/security/cve/CVE-2024-45013.html
* https://www.suse.com/security/cve/CVE-2024-45015.html
* https://www.suse.com/security/cve/CVE-2024-45017.html
* https://www.suse.com/security/cve/CVE-2024-45018.html
* https://www.suse.com/security/cve/CVE-2024-45019.html
* https://www.suse.com/security/cve/CVE-2024-45020.html
* https://www.suse.com/security/cve/CVE-2024-45021.html
* https://www.suse.com/security/cve/CVE-2024-45022.html
* https://www.suse.com/security/cve/CVE-2024-45023.html
* https://www.suse.com/security/cve/CVE-2024-45026.html
* https://www.suse.com/security/cve/CVE-2024-45028.html
* https://www.suse.com/security/cve/CVE-2024-45029.html
* https://www.suse.com/security/cve/CVE-2024-45030.html
* https://www.suse.com/security/cve/CVE-2024-46672.html
* https://www.suse.com/security/cve/CVE-2024-46673.html
* https://www.suse.com/security/cve/CVE-2024-46674.html
* https://www.suse.com/security/cve/CVE-2024-46675.html
* https://www.suse.com/security/cve/CVE-2024-46676.html
* https://www.suse.com/security/cve/CVE-2024-46677.html
* https://www.suse.com/security/cve/CVE-2024-46679.html
* https://www.suse.com/security/cve/CVE-2024-46685.html
* https://www.suse.com/security/cve/CVE-2024-46686.html
* https://www.suse.com/security/cve/CVE-2024-46687.html
* https://www.suse.com/security/cve/CVE-2024-46689.html
* https://www.suse.com/security/cve/CVE-2024-46691.html
* https://www.suse.com/security/cve/CVE-2024-46692.html
* https://www.suse.com/security/cve/CVE-2024-46693.html
* https://www.suse.com/security/cve/CVE-2024-46694.html
* https://www.suse.com/security/cve/CVE-2024-46695.html
* https://www.suse.com/security/cve/CVE-2024-46702.html
* https://www.suse.com/security/cve/CVE-2024-46706.html
* https://www.suse.com/security/cve/CVE-2024-46707.html
* https://www.suse.com/security/cve/CVE-2024-46709.html
* https://www.suse.com/security/cve/CVE-2024-46710.html
* https://www.suse.com/security/cve/CVE-2024-46714.html
* https://www.suse.com/security/cve/CVE-2024-46715.html
* https://www.suse.com/security/cve/CVE-2024-46716.html
* https://www.suse.com/security/cve/CVE-2024-46717.html
* https://www.suse.com/security/cve/CVE-2024-46719.html
* https://www.suse.com/security/cve/CVE-2024-46720.html
* https://www.suse.com/security/cve/CVE-2024-46722.html
* https://www.suse.com/security/cve/CVE-2024-46723.html
* https://www.suse.com/security/cve/CVE-2024-46724.html
* https://www.suse.com/security/cve/CVE-2024-46725.html
* https://www.suse.com/security/cve/CVE-2024-46726.html
* https://www.suse.com/security/cve/CVE-2024-46728.html
* https://www.suse.com/security/cve/CVE-2024-46729.html
* https://www.suse.com/security/cve/CVE-2024-46730.html
* https://www.suse.com/security/cve/CVE-2024-46731.html
* https://www.suse.com/security/cve/CVE-2024-46732.html
* https://www.suse.com/security/cve/CVE-2024-46734.html
* https://www.suse.com/security/cve/CVE-2024-46735.html
* https://www.suse.com/security/cve/CVE-2024-46737.html
* https://www.suse.com/security/cve/CVE-2024-46738.html
* https://www.suse.com/security/cve/CVE-2024-46739.html
* https://www.suse.com/security/cve/CVE-2024-46741.html
* https://www.suse.com/security/cve/CVE-2024-46743.html
* https://www.suse.com/security/cve/CVE-2024-46744.html
* https://www.suse.com/security/cve/CVE-2024-46745.html
* https://www.suse.com/security/cve/CVE-2024-46746.html
* https://www.suse.com/security/cve/CVE-2024-46747.html
* https://www.suse.com/security/cve/CVE-2024-46749.html
* https://www.suse.com/security/cve/CVE-2024-46750.html
* https://www.suse.com/security/cve/CVE-2024-46751.html
* https://www.suse.com/security/cve/CVE-2024-46752.html
* https://www.suse.com/security/cve/CVE-2024-46753.html
* https://www.suse.com/security/cve/CVE-2024-46755.html
* https://www.suse.com/security/cve/CVE-2024-46756.html
* https://www.suse.com/security/cve/CVE-2024-46757.html
* https://www.suse.com/security/cve/CVE-2024-46758.html
* https://www.suse.com/security/cve/CVE-2024-46759.html
* https://www.suse.com/security/cve/CVE-2024-46760.html
* https://www.suse.com/security/cve/CVE-2024-46761.html
* https://www.suse.com/security/cve/CVE-2024-46767.html
* https://www.suse.com/security/cve/CVE-2024-46771.html
* https://www.suse.com/security/cve/CVE-2024-46772.html
* https://www.suse.com/security/cve/CVE-2024-46773.html
* https://www.suse.com/security/cve/CVE-2024-46774.html
* https://www.suse.com/security/cve/CVE-2024-46776.html
* https://www.suse.com/security/cve/CVE-2024-46778.html
* https://www.suse.com/security/cve/CVE-2024-46780.html
* https://www.suse.com/security/cve/CVE-2024-46781.html
* https://www.suse.com/security/cve/CVE-2024-46783.html
* https://www.suse.com/security/cve/CVE-2024-46784.html
* https://www.suse.com/security/cve/CVE-2024-46786.html
* https://www.suse.com/security/cve/CVE-2024-46787.html
* https://www.suse.com/security/cve/CVE-2024-46791.html
* https://www.suse.com/security/cve/CVE-2024-46794.html
* https://www.suse.com/security/cve/CVE-2024-46797.html
* https://www.suse.com/security/cve/CVE-2024-46798.html
* https://www.suse.com/security/cve/CVE-2024-46822.html
* https://bugzilla.suse.com/show_bug.cgi?id=1012628
* https://bugzilla.suse.com/show_bug.cgi?id=1183045
* https://bugzilla.suse.com/show_bug.cgi?id=1215199
* https://bugzilla.suse.com/show_bug.cgi?id=1216223
* https://bugzilla.suse.com/show_bug.cgi?id=1216776
* https://bugzilla.suse.com/show_bug.cgi?id=1220382
* https://bugzilla.suse.com/show_bug.cgi?id=1221527
* https://bugzilla.suse.com/show_bug.cgi?id=1221610
* https://bugzilla.suse.com/show_bug.cgi?id=1221650
* https://bugzilla.suse.com/show_bug.cgi?id=1222629
* https://bugzilla.suse.com/show_bug.cgi?id=1223600
* https://bugzilla.suse.com/show_bug.cgi?id=1223848
* https://bugzilla.suse.com/show_bug.cgi?id=1225487
* https://bugzilla.suse.com/show_bug.cgi?id=1225812
* https://bugzilla.suse.com/show_bug.cgi?id=1225903
* https://bugzilla.suse.com/show_bug.cgi?id=1226003
* https://bugzilla.suse.com/show_bug.cgi?id=1226507
* https://bugzilla.suse.com/show_bug.cgi?id=1226606
* https://bugzilla.suse.com/show_bug.cgi?id=1226666
* https://bugzilla.suse.com/show_bug.cgi?id=1226846
* https://bugzilla.suse.com/show_bug.cgi?id=1226860
* https://bugzilla.suse.com/show_bug.cgi?id=1227487
* https://bugzilla.suse.com/show_bug.cgi?id=1227694
* https://bugzilla.suse.com/show_bug.cgi?id=1227726
* https://bugzilla.suse.com/show_bug.cgi?id=1227819
* https://bugzilla.suse.com/show_bug.cgi?id=1227885
* https://bugzilla.suse.com/show_bug.cgi?id=1227890
* https://bugzilla.suse.com/show_bug.cgi?id=1227962
* https://bugzilla.suse.com/show_bug.cgi?id=1228090
* https://bugzilla.suse.com/show_bug.cgi?id=1228140
* https://bugzilla.suse.com/show_bug.cgi?id=1228244
* https://bugzilla.suse.com/show_bug.cgi?id=1228507
* https://bugzilla.suse.com/show_bug.cgi?id=1228771
* https://bugzilla.suse.com/show_bug.cgi?id=1229001
* https://bugzilla.suse.com/show_bug.cgi?id=1229004
* https://bugzilla.suse.com/show_bug.cgi?id=1229019
* https://bugzilla.suse.com/show_bug.cgi?id=1229086
* https://bugzilla.suse.com/show_bug.cgi?id=1229167
* https://bugzilla.suse.com/show_bug.cgi?id=1229169
* https://bugzilla.suse.com/show_bug.cgi?id=1229289
* https://bugzilla.suse.com/show_bug.cgi?id=1229334
* https://bugzilla.suse.com/show_bug.cgi?id=1229362
* https://bugzilla.suse.com/show_bug.cgi?id=1229363
* https://bugzilla.suse.com/show_bug.cgi?id=1229364
* https://bugzilla.suse.com/show_bug.cgi?id=1229371
* https://bugzilla.suse.com/show_bug.cgi?id=1229380
* https://bugzilla.suse.com/show_bug.cgi?id=1229389
* https://bugzilla.suse.com/show_bug.cgi?id=1229394
* https://bugzilla.suse.com/show_bug.cgi?id=1229429
* https://bugzilla.suse.com/show_bug.cgi?id=1229443
* https://bugzilla.suse.com/show_bug.cgi?id=1229452
* https://bugzilla.suse.com/show_bug.cgi?id=1229455
* https://bugzilla.suse.com/show_bug.cgi?id=1229456
* https://bugzilla.suse.com/show_bug.cgi?id=1229494
* https://bugzilla.suse.com/show_bug.cgi?id=1229585
* https://bugzilla.suse.com/show_bug.cgi?id=1229753
* https://bugzilla.suse.com/show_bug.cgi?id=1229764
* https://bugzilla.suse.com/show_bug.cgi?id=1229768
* https://bugzilla.suse.com/show_bug.cgi?id=1229790
* https://bugzilla.suse.com/show_bug.cgi?id=1229810
* https://bugzilla.suse.com/show_bug.cgi?id=1229899
* https://bugzilla.suse.com/show_bug.cgi?id=1229928
* https://bugzilla.suse.com/show_bug.cgi?id=1230015
* https://bugzilla.suse.com/show_bug.cgi?id=1230119
* https://bugzilla.suse.com/show_bug.cgi?id=1230123
* https://bugzilla.suse.com/show_bug.cgi?id=1230124
* https://bugzilla.suse.com/show_bug.cgi?id=1230125
* https://bugzilla.suse.com/show_bug.cgi?id=1230169
* https://bugzilla.suse.com/show_bug.cgi?id=1230170
* https://bugzilla.suse.com/show_bug.cgi?id=1230171
* https://bugzilla.suse.com/show_bug.cgi?id=1230173
* https://bugzilla.suse.com/show_bug.cgi?id=1230174
* https://bugzilla.suse.com/show_bug.cgi?id=1230175
* https://bugzilla.suse.com/show_bug.cgi?id=1230176
* https://bugzilla.suse.com/show_bug.cgi?id=1230178
* https://bugzilla.suse.com/show_bug.cgi?id=1230180
* https://bugzilla.suse.com/show_bug.cgi?id=1230181
* https://bugzilla.suse.com/show_bug.cgi?id=1230185
* https://bugzilla.suse.com/show_bug.cgi?id=1230191
* https://bugzilla.suse.com/show_bug.cgi?id=1230192
* https://bugzilla.suse.com/show_bug.cgi?id=1230193
* https://bugzilla.suse.com/show_bug.cgi?id=1230194
* https://bugzilla.suse.com/show_bug.cgi?id=1230195
* https://bugzilla.suse.com/show_bug.cgi?id=1230200
* https://bugzilla.suse.com/show_bug.cgi?id=1230204
* https://bugzilla.suse.com/show_bug.cgi?id=1230206
* https://bugzilla.suse.com/show_bug.cgi?id=1230207
* https://bugzilla.suse.com/show_bug.cgi?id=1230209
* https://bugzilla.suse.com/show_bug.cgi?id=1230211
* https://bugzilla.suse.com/show_bug.cgi?id=1230213
* https://bugzilla.suse.com/show_bug.cgi?id=1230217
* https://bugzilla.suse.com/show_bug.cgi?id=1230221
* https://bugzilla.suse.com/show_bug.cgi?id=1230224
* https://bugzilla.suse.com/show_bug.cgi?id=1230230
* https://bugzilla.suse.com/show_bug.cgi?id=1230232
* https://bugzilla.suse.com/show_bug.cgi?id=1230233
* https://bugzilla.suse.com/show_bug.cgi?id=1230240
* https://bugzilla.suse.com/show_bug.cgi?id=1230244
* https://bugzilla.suse.com/show_bug.cgi?id=1230245
* https://bugzilla.suse.com/show_bug.cgi?id=1230247
* https://bugzilla.suse.com/show_bug.cgi?id=1230248
* https://bugzilla.suse.com/show_bug.cgi?id=1230269
* https://bugzilla.suse.com/show_bug.cgi?id=1230270
* https://bugzilla.suse.com/show_bug.cgi?id=1230295
* https://bugzilla.suse.com/show_bug.cgi?id=1230340
* https://bugzilla.suse.com/show_bug.cgi?id=1230350
* https://bugzilla.suse.com/show_bug.cgi?id=1230413
* https://bugzilla.suse.com/show_bug.cgi?id=1230426
* https://bugzilla.suse.com/show_bug.cgi?id=1230430
* https://bugzilla.suse.com/show_bug.cgi?id=1230431
* https://bugzilla.suse.com/show_bug.cgi?id=1230432
* https://bugzilla.suse.com/show_bug.cgi?id=1230433
* https://bugzilla.suse.com/show_bug.cgi?id=1230434
* https://bugzilla.suse.com/show_bug.cgi?id=1230435
* https://bugzilla.suse.com/show_bug.cgi?id=1230440
* https://bugzilla.suse.com/show_bug.cgi?id=1230441
* https://bugzilla.suse.com/show_bug.cgi?id=1230442
* https://bugzilla.suse.com/show_bug.cgi?id=1230444
* https://bugzilla.suse.com/show_bug.cgi?id=1230450
* https://bugzilla.suse.com/show_bug.cgi?id=1230451
* https://bugzilla.suse.com/show_bug.cgi?id=1230454
* https://bugzilla.suse.com/show_bug.cgi?id=1230455
* https://bugzilla.suse.com/show_bug.cgi?id=1230457
* https://bugzilla.suse.com/show_bug.cgi?id=1230459
* https://bugzilla.suse.com/show_bug.cgi?id=1230506
* https://bugzilla.suse.com/show_bug.cgi?id=1230507
* https://bugzilla.suse.com/show_bug.cgi?id=1230511
* https://bugzilla.suse.com/show_bug.cgi?id=1230515
* https://bugzilla.suse.com/show_bug.cgi?id=1230517
* https://bugzilla.suse.com/show_bug.cgi?id=1230518
* https://bugzilla.suse.com/show_bug.cgi?id=1230519
* https://bugzilla.suse.com/show_bug.cgi?id=1230520
* https://bugzilla.suse.com/show_bug.cgi?id=1230521
* https://bugzilla.suse.com/show_bug.cgi?id=1230524
* https://bugzilla.suse.com/show_bug.cgi?id=1230526
* https://bugzilla.suse.com/show_bug.cgi?id=1230533
* https://bugzilla.suse.com/show_bug.cgi?id=1230535
* https://bugzilla.suse.com/show_bug.cgi?id=1230539
* https://bugzilla.suse.com/show_bug.cgi?id=1230540
* https://bugzilla.suse.com/show_bug.cgi?id=1230549
* https://bugzilla.suse.com/show_bug.cgi?id=1230556
* https://bugzilla.suse.com/show_bug.cgi?id=1230562
* https://bugzilla.suse.com/show_bug.cgi?id=1230563
* https://bugzilla.suse.com/show_bug.cgi?id=1230564
* https://bugzilla.suse.com/show_bug.cgi?id=1230580
* https://bugzilla.suse.com/show_bug.cgi?id=1230582
* https://bugzilla.suse.com/show_bug.cgi?id=1230589
* https://bugzilla.suse.com/show_bug.cgi?id=1230602
* https://bugzilla.suse.com/show_bug.cgi?id=1230699
* https://bugzilla.suse.com/show_bug.cgi?id=1230700
* https://bugzilla.suse.com/show_bug.cgi?id=1230701
* https://bugzilla.suse.com/show_bug.cgi?id=1230702
* https://bugzilla.suse.com/show_bug.cgi?id=1230703
* https://bugzilla.suse.com/show_bug.cgi?id=1230704
* https://bugzilla.suse.com/show_bug.cgi?id=1230705
* https://bugzilla.suse.com/show_bug.cgi?id=1230706
* https://bugzilla.suse.com/show_bug.cgi?id=1230709
* https://bugzilla.suse.com/show_bug.cgi?id=1230711
* https://bugzilla.suse.com/show_bug.cgi?id=1230712
* https://bugzilla.suse.com/show_bug.cgi?id=1230715
* https://bugzilla.suse.com/show_bug.cgi?id=1230719
* https://bugzilla.suse.com/show_bug.cgi?id=1230722
* https://bugzilla.suse.com/show_bug.cgi?id=1230724
* https://bugzilla.suse.com/show_bug.cgi?id=1230725
* https://bugzilla.suse.com/show_bug.cgi?id=1230726
* https://bugzilla.suse.com/show_bug.cgi?id=1230727
* https://bugzilla.suse.com/show_bug.cgi?id=1230730
* https://bugzilla.suse.com/show_bug.cgi?id=1230731
* https://bugzilla.suse.com/show_bug.cgi?id=1230732
* https://bugzilla.suse.com/show_bug.cgi?id=1230747
* https://bugzilla.suse.com/show_bug.cgi?id=1230748
* https://bugzilla.suse.com/show_bug.cgi?id=1230749
* https://bugzilla.suse.com/show_bug.cgi?id=1230751
* https://bugzilla.suse.com/show_bug.cgi?id=1230752
* https://bugzilla.suse.com/show_bug.cgi?id=1230753
* https://bugzilla.suse.com/show_bug.cgi?id=1230756
* https://bugzilla.suse.com/show_bug.cgi?id=1230761
* https://bugzilla.suse.com/show_bug.cgi?id=1230766
* https://bugzilla.suse.com/show_bug.cgi?id=1230767
* https://bugzilla.suse.com/show_bug.cgi?id=1230768
* https://bugzilla.suse.com/show_bug.cgi?id=1230771
* https://bugzilla.suse.com/show_bug.cgi?id=1230772
* https://bugzilla.suse.com/show_bug.cgi?id=1230775
* https://bugzilla.suse.com/show_bug.cgi?id=1230776
* https://bugzilla.suse.com/show_bug.cgi?id=1230780
* https://bugzilla.suse.com/show_bug.cgi?id=1230783
* https://bugzilla.suse.com/show_bug.cgi?id=1230786
* https://bugzilla.suse.com/show_bug.cgi?id=1230787
* https://bugzilla.suse.com/show_bug.cgi?id=1230791
* https://bugzilla.suse.com/show_bug.cgi?id=1230794
* https://bugzilla.suse.com/show_bug.cgi?id=1230796
* https://bugzilla.suse.com/show_bug.cgi?id=1230802
* https://bugzilla.suse.com/show_bug.cgi?id=1230806
* https://bugzilla.suse.com/show_bug.cgi?id=1230808
* https://bugzilla.suse.com/show_bug.cgi?id=1230809
* https://bugzilla.suse.com/show_bug.cgi?id=1230810
* https://bugzilla.suse.com/show_bug.cgi?id=1230812
* https://bugzilla.suse.com/show_bug.cgi?id=1230813
* https://bugzilla.suse.com/show_bug.cgi?id=1230814
* https://bugzilla.suse.com/show_bug.cgi?id=1230815
* https://bugzilla.suse.com/show_bug.cgi?id=1230821
* https://bugzilla.suse.com/show_bug.cgi?id=1230825
* https://bugzilla.suse.com/show_bug.cgi?id=1230830
* https://bugzilla.suse.com/show_bug.cgi?id=1230831
* https://bugzilla.suse.com/show_bug.cgi?id=1230854
* https://bugzilla.suse.com/show_bug.cgi?id=1230948
* https://bugzilla.suse.com/show_bug.cgi?id=1231008
* https://bugzilla.suse.com/show_bug.cgi?id=1231035
* https://bugzilla.suse.com/show_bug.cgi?id=1231120
* https://bugzilla.suse.com/show_bug.cgi?id=1231146
* https://bugzilla.suse.com/show_bug.cgi?id=1231182
* https://bugzilla.suse.com/show_bug.cgi?id=1231183
* https://jira.suse.com/browse/PED-10954
* https://jira.suse.com/browse/PED-9899
SUSE-SU-2024:3552-1: moderate: Security update for pgadmin4
# Security update for pgadmin4
Announcement ID: SUSE-SU-2024:3552-1
Release Date: 2024-10-08T15:04:35Z
Rating: moderate
References:
* bsc#1223868
Cross-References:
* CVE-2024-4216
CVSS scores:
* CVE-2024-4216 ( SUSE ): 5.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:L
Affected Products:
* openSUSE Leap 15.3
* openSUSE Leap 15.5
* Python 3 Module 15-SP6
* Server Applications Module 15-SP5
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
An update that solves one vulnerability can now be installed.
## Description:
This update for pgadmin4 fixes the following issues:
* CVE-2024-4216: Fixed XSS in /settings/store endpoint (bsc#1223868)
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.3
zypper in -t patch SUSE-2024-3552=1
* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2024-3552=1
* Python 3 Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Python3-15-SP6-2024-3552=1
* Server Applications Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP5-2024-3552=1
## Package List:
* openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586)
* pgadmin4-debuginfo-4.30-150300.3.15.1
* pgadmin4-4.30-150300.3.15.1
* openSUSE Leap 15.3 (noarch)
* pgadmin4-doc-4.30-150300.3.15.1
* pgadmin4-web-4.30-150300.3.15.1
* pgadmin4-web-uwsgi-4.30-150300.3.15.1
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
* pgadmin4-debuginfo-4.30-150300.3.15.1
* pgadmin4-4.30-150300.3.15.1
* openSUSE Leap 15.5 (noarch)
* pgadmin4-doc-4.30-150300.3.15.1
* pgadmin4-web-4.30-150300.3.15.1
* pgadmin4-web-uwsgi-4.30-150300.3.15.1
* Python 3 Module 15-SP6 (noarch)
* pgadmin4-doc-4.30-150300.3.15.1
* pgadmin4-web-4.30-150300.3.15.1
* Python 3 Module 15-SP6 (s390x)
* pgadmin4-debuginfo-4.30-150300.3.15.1
* pgadmin4-4.30-150300.3.15.1
* Server Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64)
* pgadmin4-debuginfo-4.30-150300.3.15.1
* pgadmin4-4.30-150300.3.15.1
* Server Applications Module 15-SP5 (noarch)
* pgadmin4-doc-4.30-150300.3.15.1
* pgadmin4-web-4.30-150300.3.15.1
## References:
* https://www.suse.com/security/cve/CVE-2024-4216.html
* https://bugzilla.suse.com/show_bug.cgi?id=1223868
openSUSE-SU-2024:14386-1: moderate: rusty_v8-0.106.0-1.1 on GA media
# rusty_v8-0.106.0-1.1 on GA media
Announcement ID: openSUSE-SU-2024:14386-1
Rating: moderate
Cross-References:
* CVE-2022-37434
CVSS scores:
* CVE-2022-37434 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products:
* openSUSE Tumbleweed
An update that solves one vulnerability can now be installed.
## Description:
These are all security issues fixed in the rusty_v8-0.106.0-1.1 package on the GA media of openSUSE Tumbleweed.
## Package List:
* openSUSE Tumbleweed:
* rusty_v8 0.106.0-1.1
## References:
* https://www.suse.com/security/cve/CVE-2022-37434.html