SUSE 5185 Published by

The following security updates are available for SUSE Linux:

SUSE-SU-2024:2961-1: moderate: Security update for osc
SUSE-SU-2024:2970-1: moderate: Security update for python-WebOb
SUSE-SU-2024:1464-1: important: Security update for jasper
SUSE-SU-2024:1489-1: important: Security update for the Linux Kernel
SUSE-SU-2024:1663-1: important: Security update for the Linux Kernel
SUSE-SU-2024:1856-1: important: Security update for freerdp
SUSE-SU-2024:1486-1: moderate: Security update for cosign
SUSE-SU-2024:1858-1: important: Security update for MozillaThunderbird
SUSE-SU-2024:1860-1: important: Security update for uriparser
SUSE-SU-2024:1855-1: important: Security update for python-PyMySQL
SUSE-SU-2024:1861-1: important: Security update for python3-sqlparse
SUSE-SU-2024:1857-1: moderate: Security update for python-requests
SUSE-SU-2024:1872-1: moderate: Security update for python-tqdm
SUSE-SU-2024:1864-1: moderate: Security update for python-Jinja2
SUSE-SU-2024:1862-1: moderate: Security update for python
SUSE-SU-2024:1859-1: important: Security update for java-1_8_0-ibm
SUSE-SU-2024:1498-2: low: Security update for java-11-openjdk
SUSE-SU-2024:1865-1: moderate: Security update for wireshark
SUSE-SU-2024:1866-1: moderate: Security update for python-aiohttp
SUSE-SU-2024:1863-1: moderate: Security update for python-Jinja2
SUSE-SU-2024:1867-1: moderate: Security update for fwupdate
SUSE-SU-2024:2186-1: important: Security update for gnome-settings-daemon
SUSE-SU-2024:2203-1: important: Security update for the Linux Kernel
SUSE-SU-2024:2052-1: important: Security update for libaom
SUSE-SU-2024:1079-2: important: Security update for netty, netty-tcnative
SUSE-SU-2024:1486-2: moderate: Security update for cosign
SUSE-SU-2024:2187-1: moderate: Security update for ntfs-3g_ntfsprogs
SUSE-SU-2024:2947-1: important: Security update for the Linux Kernel
SUSE-SU-2024:2776-1: moderate: Security update for dri3proto, presentproto, wayland-protocols, xwayland
SUSE-SU-2024:2948-1: important: Security update for the Linux Kernel
SUSE-SU-2024:2933-1: moderate: Security update for openssl-1_1
SUSE-SU-2024:2905-1: important: Security update for webkit2gtk3
SUSE-SU-2024:2891-1: moderate: Security update for openssl-1_1
SUSE-SU-2024:2785-1: moderate: Security update for kernel-firmware
SUSE-SU-2024:2655-1: moderate: Security update for python-dnspython
SUSE-SU-2024:2869-1: important: Security update for ca-certificates-mozilla
SUSE-SU-2024:2658-1: important: Security update for shadow
SUSE-SU-2024:2663-1: important: Security update for orc




SUSE-SU-2024:2961-1: moderate: Security update for osc


# Security update for osc

Announcement ID: SUSE-SU-2024:2961-1
Rating: moderate
References:

* bsc#1122683
* bsc#1212476
* bsc#1218170
* bsc#1221340
* bsc#1225911

Cross-References:

* CVE-2024-22034

CVSS scores:

* CVE-2024-22034 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Affected Products:

* Development Tools Module 15-SP5
* Development Tools Module 15-SP6
* openSUSE Leap 15.4
* openSUSE Leap 15.5
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves one vulnerability and has four security fixes can now be
installed.

## Description:

This update for osc fixes the following issues:

* 1.9.0
* Security:
* Fix possibility to overwrite special files in .osc (CVE-2024-22034 bsc#1225911) Source files are now stored in the 'sources' subdirectory which prevents name collisons. This requires changing version of '.osc' store to 2.0.
* Command-line:
* Introduce build --checks parameter
* Library:

* OscConfigParser: Remove automatic **name** option
* 1.8.3

* Command-line:
* Change 'repairwc' command to always run all repair steps
* Library:

* Make most of the fields in KeyinfoPubkey and KeyinfoSslcert models optional
* Fix colorize() to avoid wrapping empty string into color escape sequences
* Provide default values for kwargs.get/pop in get_results() function
* 1.8.2

* Library:

* Change 'repairwc' command to fix missing .osc/_osclib_version
* Make error message in check_store_version() more generic to work for both projects and packages
* Fix check_store_version in project store
* 1.8.1

* Command-line:

* Fix 'linkpac' command crash when used with '\--disable-build' or '\--disable-publish' option
* 1.8.0

* Command-line:
* Improve 'submitrequest' command to inherit description from superseded request
* Fix 'mv' command when renaming a file multiple times
* Improve 'info' command to support projects
* Improve 'getbinaries' command by accepting '-M' / '\--multibuild-package' option outside checkouts
* Add architecture filtering to 'release' command
* Change 'results' command so the normal and multibuild packages have the same output
* Change 'results' command to use csv writer instead of formatting csv as string
* Add couple mutually exclusive options errors to 'results' command
* Set a default value for 'results --format' only for the csv output
* Add support for 'results --format' for the default text mode
* Update help text for '\--format' option in 'results' command
* Add 'results --fail-on-error/-F' flag
* Redirect venv warnings from stderr to debug output
* Configuration:
* Fix config parser to throw an exception on duplicate sections or options
* Modify conf.get_config() to print permissions warning to stderr rather than stdout
* Library:
* Run check_store_version() in obs_scm.Store and fix related code in Project and Package
* Forbid extracting files with absolute path from 'cpio' archives (bsc#1122683)
* Forbid extracting files with absolute path from 'ar' archives (bsc#1122683)
* Remove no longer valid warning from core.unpack_srcrpm()
* Make obs_api.KeyinfoSslcert keyid and fingerprint fields optional
* Fix return value in build build.create_build_descr_data()
* Fix core.get_package_results() to obey 'multibuild_packages' argument
* Tests:

* Fix tests so they don't modify fixtures
* 1.7.0

* Command-line:
* Add 'person search' command
* Add 'person register' command
* Add '-M/--multibuild-package' option to '[what]dependson' commands
* Update '-U/--user' option in 'maintainer' command to accept also an email address
* Fix 'branch' command to allow using '\--new-package' option on packages that do not exist
* Fix 'buildinfo' command to include obs:cli_debug_packages by default
* Fix 'buildinfo' command to send complete local build environment as the 'build' command does
* Fix 'maintainer --devel-project' to raise an error if running outside a working copy without any arguments
* Fix handling arguments in 'service remoterun prj/pac'
* Fix 'rebuild' command so the '\--all' option conflicts with the 'package' argument
* Fix crash when removing 'scmsync' element from dst package meta in 'linkpac' command
* Fix crash when reading dst package meta in 'linkpac' command
* Allow `osc rpmlint` to infer prj/pkg from CWD
* Propagate exit code from the run() and do_() commandline methods
* Give a hint where a scmsync git is hosted
* Fix crash in 'updatepacmetafromspec' command when working with an incomplete spec
* Improve 'updatepacmetafromspec' command to expand rpm spec macros by calling rpmspec to query the data
* Improve 'build' and 'buildinfo' commands by uploading *.inc files to OBS for parsing BuildRequires (bsc#1221340)
* Improve 'service' command by printing names of running services
* Improve 'getbinaries' command by ignoring source and debuginfo filters when a binary name is specified
* Change 'build' command to pass '\--jobs' option to 'build' tool only if 'build_jobs' > 0
* Clarify 'list' command's help that that listing binaries doesn't contain md5 checksums
* Improve 'log' command: produce proper CSV and XML outputs, add -p/--patch option for the text output
* Allow setlinkrev to set a specific vrev
* Document '\--buildtool-opt=--noclean' example in 'build' command's help
* Fix handling the default package argument on the command-line
* Configuration:
* Document loading configuration from env variables
* Connection:
* Don't retry on error 400
* Remove now unused 'retry_on_400' http_request() option from XmlModel
* Revert "Don't retry on 400 HTTP status code in core.server_diff()"
* Revert "connection: Allow disabling retry on 400 HTTP status code"
* Authentication:
* Update SignatureAuthHandler to support specifying ssh key by its fingerprint
* Use ssh key from ssh agent that contains comment 'obs='
* Use strings instead of bytes in SignatureAuthHandler
* Cache password from SecretService to avoid spamming user with an accept dialog
* Never ask for credentials when displaying help
* Remove unused SignatureAuthHandler.get_fingerprint()
* Library:
* Add rootless build support for 'qemu' VM type
* Support package linking of packages from scmsync projects
* Fix do_createrequest() function to return None instead of request id
* Replace invalid 'if' with 'elif' in BaseModel.dict()
* Fix crash when no prefered packages are defined
* Add XmlModel class that encapsulates manipulation with XML
* Add obs_api.Person.cmd_register() for registering new users
* Fix conf.get_config() to ignore file type bits when comparing oscrc perms
* Fix conf.get_config() to correctly handle overrides when env variables are set
* Fix output.tty.IS_INTERACTIVE when os.isatty() throws OSError
* Improve cmdln.HelpFormatter to obey newline characters
* Update list of color codes in 'output.tty' module
* Remove core.setDevelProject() in favor of core.set_devel_project()
* Move removing control characters to output.sanitize_text()
* Improve sanitize_text() to keep selected CSI escape sequences
* Add output.pipe_to_pager() that pipes lines to a pager without creating an intermediate temporary file
* Fix output.safe_write() in connection with NamedTemporaryFile
* Modernize output.run_pager()
* Extend output.print_msg() to accept 'error' and 'warning' values of 'to_print' argument
* Add XPathQuery class for translating keyword arguments to an xpath query
* Add obs_api.Keyinfo class
* Add obs_api.Package class
* Add Package.get_revision_list() for listing commit log
* Add obs_api.PackageSources class for handling OBS SCM sources
* Add obs_api.Person class
* Add obs_api.Project class
* Add obs_api.Request class
* Add obs_api.Token class
* Allow storing apiurl in the XmlModel instances
* Allow retrieving default field value from top-level model
* Fix BaseModel to convert dictionaries to objects on retrieving a model list
* Fix BaseModel to always deepcopy mutable defaults on first use
* Implement do_snapshot() and has_changed() methods to determine changes in BaseModel
* Implement total ordering on BaseModel
* Add comments with available attributes/elements to edited XML
* Refactoring:
* Migrate repo {list,add,remove} commands to obs_api.Project
* Migrate core.show_package_disabled_repos() to obs_api.Package
* Migrate core.Package.update_package_meta() to obs_api.Package
* Migrate core.get_repos_of_project() to obs_api.Project
* Migrate core.get_repositories_of_project() to obs_api.Project
* Migrate core.show_scmsync() to obs_api.{Package,Project}
* Migrate core.set_devel_project() to obs_api.Package
* Migrate core.show_devel_project() to obs_api.Package
* Migrate Fetcher.run() to obs_api.Keyinfo
* Migrate core.create_submit_request() to obs_api.Request
* Migrate 'token' command to obs_api.Token
* Migrate 'whois/user' command to obs_api.Person
* Migrate 'signkey' command to obs_api.Keyinfo
* Move print_msg() to the 'osc.output' module
* Move run_pager() and get_default_pager() from 'core' to 'output' module
* Move core.Package to obs_scm.Package
* Move core.Project to obs_scm.Project
* Move functions manipulating store from core to obs_scm.store
* Move store.Store to obs_scm.Store
* Move core.Linkinfo to obs_scm.Linkinfo
* Move core.Serviceinfo to obs_scm.Serviceinfo
* Move core.File to obs_scm.File
* Merge _private.project.ProjectMeta into obs_api.Project
* Spec:

* Remove dependency on /usr/bin/python3 using %python3_fix_shebang macro (bsc#1212476)
* 1.6.2

* Command-line:
* Fix 'branch' command to allow using '\--new-package' option on packages that do not exist
* Fix 'buildinfo' command to include obs:cli_debug_packages by default
* Fix 'buildinfo' command to send complete local build environment as the 'build' command does
* Allow `osc rpmlint` to infer prj/pkg from CWD
* Propagate exit code from the run() and do_() commandline methods
* Give a hint where a scmsync git is hosted
* Fix crash in 'updatepacmetafromspec' command when working with an incomplete spec
* Authentication:
* Cache password from SecretService to avoid spamming user with an accept dialog
* Never ask for credentials when displaying help
* Library:

* Support package linking of packages from scmsync projects
* Fix do_createrequest() function to return None instead of request id
* Replace invalid 'if' with 'elif' in BaseModel.dict()
* Fix crash when no prefered packages are defined
* 1.6.1

* Command-line:
* Use busybox compatible commands for completion
* Change 'wipe' command to use the new get_user_input() function
* Fix error 500 in running 'meta attribute '
* Configuration:
* Fix resolving config symlink to the actual config file
* Honor XDG_CONFIG_HOME and XDG_CACHE_HOME env vars
* Warn about ignoring XDG_CONFIG_HOME and ~/.config/osc/oscrc if ~/.oscrc exists
* Library:

* Error out when branching a scmsync package
* New get_user_input() function for consistent handling of user input
* Move xml_indent, xml_quote and xml_unquote to osc.util.xml module
* Refactor makeurl(), deprecate query taking string or list arguments, drop osc_urlencode()
* Remove all path quoting, rely on makeurl()
* Always use dict query in makeurl()
* Fix core.slash_split() to strip both leading and trailing slashes
* 1.6.0

* Command-line:
* The 'token --trigger' command no longer sets '\--operation=runservice' by default.
* Change 'token --create' command to require '\--operation'
* Fix 'linkdiff' command error 400: prj/pac/md5 not in repository
* Update 'build' command to support building 'productcompose' build type with updateinfo.xml data
* Don't show meter in terminals that are not interactive
* Fix traceback when running osc from an arbitrary git repo that fails to map branch to a project (bsc#1218170)
* Configuration:
* Implement reading credentials from environmental variables
* Allow starting with an empty config if --configfile is either empty or points to /dev/null
* Implement 'quiet' conf option
* Password can be an empty string (commonly used with ssh auth)
* Connection:
* Allow -X HEAD on osc api requests as well
* Library:
* Fix credentials managers to consistently return Password
* Fix Password.encode() on python < 3.8
* Refactor 'meter' module, use config settings to pick the right class
* Convert to using f-strings
* Use Field.get_callback to handle quiet/verbose and http_debug/http_full_debug options
* Implement get_callback that allows modifying returned value to the Field class
* Add support for List[BaseModel] type to Field class
* Report class name when reporting an error during instantiating BaseModel object
* Fix exporting an empty model field in BaseModel.dict()
* Fix initializing a sub-model instance from a dictionary
* Implement 'Enum' support in models
* Fix Field.origin_type for Optional types
* Drop unused 'exclude_unset' argument from BaseModel.dict() method
* Store cached model defaults in self._defaults, avoid sharing references to mutable defaults
* Limit model attributes to predefined fields by forbidding creating new attributes on fly
* Store model values in self._values dict instead of private attributes
* Spec:
* Recommend openssh-clients for ssh-add that is required during ssh auth
* Add 0%{?amzn} macro that wasn't usptreamed

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
zypper in -t patch SUSE-2024-2961=1

* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2024-2961=1

* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2024-2961=1

* Development Tools Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2024-2961=1

* Development Tools Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2024-2961=1

## Package List:

* openSUSE Leap 15.4 (noarch)
* osc-1.9.0-150400.10.6.1
* openSUSE Leap 15.5 (noarch)
* osc-1.9.0-150400.10.6.1
* openSUSE Leap 15.6 (noarch)
* osc-1.9.0-150400.10.6.1
* Development Tools Module 15-SP5 (noarch)
* osc-1.9.0-150400.10.6.1
* Development Tools Module 15-SP6 (noarch)
* osc-1.9.0-150400.10.6.1

## References:

* https://www.suse.com/security/cve/CVE-2024-22034.html
* https://bugzilla.suse.com/show_bug.cgi?id=1122683
* https://bugzilla.suse.com/show_bug.cgi?id=1212476
* https://bugzilla.suse.com/show_bug.cgi?id=1218170
* https://bugzilla.suse.com/show_bug.cgi?id=1221340
* https://bugzilla.suse.com/show_bug.cgi?id=1225911



SUSE-SU-2024:2970-1: moderate: Security update for python-WebOb


# Security update for python-WebOb

Announcement ID: SUSE-SU-2024:2970-1
Rating: moderate
References:

* bsc#1229221

Cross-References:

* CVE-2024-42353

CVSS scores:

* CVE-2024-42353 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Affected Products:

* openSUSE Leap 15.4
* openSUSE Leap 15.6

An update that solves one vulnerability can now be installed.

## Description:

This update for python-WebOb fixes the following issues:

* CVE-2024-42353: Fixed open redirect via WebOb's Response object in Location
header (bsc#1229221)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
zypper in -t patch SUSE-2024-2970=1

* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2024-2970=1

## Package List:

* openSUSE Leap 15.4 (noarch)
* python311-WebOb-1.8.7-150400.11.6.1
* openSUSE Leap 15.6 (noarch)
* python311-WebOb-1.8.7-150400.11.6.1

## References:

* https://www.suse.com/security/cve/CVE-2024-42353.html
* https://bugzilla.suse.com/show_bug.cgi?id=1229221



SUSE-SU-2024:1464-1: important: Security update for jasper


# Security update for jasper

Announcement ID: SUSE-SU-2024:1464-1
Rating: important
References:

* bsc#1223155

Cross-References:

* CVE-2024-31744

CVSS scores:

* CVE-2024-31744 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* Basesystem Module 15-SP5
* Desktop Applications Module 15-SP5
* openSUSE Leap 15.5
* SUSE Enterprise Storage 7.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise High Performance Computing 15 SP2
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP2
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP2
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3

An update that solves one vulnerability can now be installed.

## Description:

This update for jasper fixes the following issues:

* CVE-2024-31744: Fixed denial of service through assertion failure in
jpc_streamlist_remove() (bsc#1223155).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2024-1464=1

* Basesystem Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-1464=1

* Desktop Applications Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP5-2024-1464=1

* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-1464=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-1464=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-1464=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-1464=1

* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-1464=1

* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-1464=1

* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-1464=1

* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-1464=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP2
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-1464=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP3
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-1464=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP4
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-1464=1

* SUSE Manager Proxy 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-1464=1

* SUSE Manager Retail Branch Server 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-2024-1464=1

* SUSE Manager Server 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-1464=1

* SUSE Enterprise Storage 7.1
zypper in -t patch SUSE-Storage-7.1-2024-1464=1

## Package List:

* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
* libjasper-devel-2.0.14-150000.3.34.1
* jasper-debugsource-2.0.14-150000.3.34.1
* jasper-2.0.14-150000.3.34.1
* libjasper4-2.0.14-150000.3.34.1
* libjasper4-debuginfo-2.0.14-150000.3.34.1
* jasper-debuginfo-2.0.14-150000.3.34.1
* openSUSE Leap 15.5 (x86_64)
* libjasper4-32bit-2.0.14-150000.3.34.1
* libjasper4-32bit-debuginfo-2.0.14-150000.3.34.1
* Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64)
* jasper-debugsource-2.0.14-150000.3.34.1
* libjasper4-2.0.14-150000.3.34.1
* libjasper4-debuginfo-2.0.14-150000.3.34.1
* jasper-debuginfo-2.0.14-150000.3.34.1
* Desktop Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64)
* jasper-debugsource-2.0.14-150000.3.34.1
* libjasper-devel-2.0.14-150000.3.34.1
* jasper-debuginfo-2.0.14-150000.3.34.1
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64
x86_64)
* libjasper-devel-2.0.14-150000.3.34.1
* jasper-debugsource-2.0.14-150000.3.34.1
* libjasper4-2.0.14-150000.3.34.1
* libjasper4-debuginfo-2.0.14-150000.3.34.1
* jasper-debuginfo-2.0.14-150000.3.34.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
x86_64)
* libjasper-devel-2.0.14-150000.3.34.1
* jasper-debugsource-2.0.14-150000.3.34.1
* libjasper4-2.0.14-150000.3.34.1
* libjasper4-debuginfo-2.0.14-150000.3.34.1
* jasper-debuginfo-2.0.14-150000.3.34.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
x86_64)
* libjasper-devel-2.0.14-150000.3.34.1
* jasper-debugsource-2.0.14-150000.3.34.1
* libjasper4-2.0.14-150000.3.34.1
* libjasper4-debuginfo-2.0.14-150000.3.34.1
* jasper-debuginfo-2.0.14-150000.3.34.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
x86_64)
* libjasper-devel-2.0.14-150000.3.34.1
* jasper-debugsource-2.0.14-150000.3.34.1
* libjasper4-2.0.14-150000.3.34.1
* libjasper4-debuginfo-2.0.14-150000.3.34.1
* jasper-debuginfo-2.0.14-150000.3.34.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64)
* libjasper-devel-2.0.14-150000.3.34.1
* jasper-debugsource-2.0.14-150000.3.34.1
* libjasper4-2.0.14-150000.3.34.1
* libjasper4-debuginfo-2.0.14-150000.3.34.1
* jasper-debuginfo-2.0.14-150000.3.34.1
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x
x86_64)
* libjasper-devel-2.0.14-150000.3.34.1
* jasper-debugsource-2.0.14-150000.3.34.1
* libjasper4-2.0.14-150000.3.34.1
* libjasper4-debuginfo-2.0.14-150000.3.34.1
* jasper-debuginfo-2.0.14-150000.3.34.1
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x
x86_64)
* libjasper-devel-2.0.14-150000.3.34.1
* jasper-debugsource-2.0.14-150000.3.34.1
* libjasper4-2.0.14-150000.3.34.1
* libjasper4-debuginfo-2.0.14-150000.3.34.1
* jasper-debuginfo-2.0.14-150000.3.34.1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x
x86_64)
* libjasper-devel-2.0.14-150000.3.34.1
* jasper-debugsource-2.0.14-150000.3.34.1
* libjasper4-2.0.14-150000.3.34.1
* libjasper4-debuginfo-2.0.14-150000.3.34.1
* jasper-debuginfo-2.0.14-150000.3.34.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64)
* libjasper-devel-2.0.14-150000.3.34.1
* jasper-debugsource-2.0.14-150000.3.34.1
* libjasper4-2.0.14-150000.3.34.1
* libjasper4-debuginfo-2.0.14-150000.3.34.1
* jasper-debuginfo-2.0.14-150000.3.34.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
* libjasper-devel-2.0.14-150000.3.34.1
* jasper-debugsource-2.0.14-150000.3.34.1
* libjasper4-2.0.14-150000.3.34.1
* libjasper4-debuginfo-2.0.14-150000.3.34.1
* jasper-debuginfo-2.0.14-150000.3.34.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
* libjasper-devel-2.0.14-150000.3.34.1
* jasper-debugsource-2.0.14-150000.3.34.1
* libjasper4-2.0.14-150000.3.34.1
* libjasper4-debuginfo-2.0.14-150000.3.34.1
* jasper-debuginfo-2.0.14-150000.3.34.1
* SUSE Manager Proxy 4.3 (x86_64)
* jasper-debugsource-2.0.14-150000.3.34.1
* libjasper4-2.0.14-150000.3.34.1
* libjasper4-debuginfo-2.0.14-150000.3.34.1
* jasper-debuginfo-2.0.14-150000.3.34.1
* SUSE Manager Retail Branch Server 4.3 (x86_64)
* jasper-debugsource-2.0.14-150000.3.34.1
* libjasper4-2.0.14-150000.3.34.1
* libjasper4-debuginfo-2.0.14-150000.3.34.1
* jasper-debuginfo-2.0.14-150000.3.34.1
* SUSE Manager Server 4.3 (ppc64le s390x x86_64)
* jasper-debugsource-2.0.14-150000.3.34.1
* libjasper4-2.0.14-150000.3.34.1
* libjasper4-debuginfo-2.0.14-150000.3.34.1
* jasper-debuginfo-2.0.14-150000.3.34.1
* SUSE Enterprise Storage 7.1 (aarch64 x86_64)
* libjasper-devel-2.0.14-150000.3.34.1
* jasper-debugsource-2.0.14-150000.3.34.1
* libjasper4-2.0.14-150000.3.34.1
* libjasper4-debuginfo-2.0.14-150000.3.34.1
* jasper-debuginfo-2.0.14-150000.3.34.1

## References:

* https://www.suse.com/security/cve/CVE-2024-31744.html
* https://bugzilla.suse.com/show_bug.cgi?id=1223155



SUSE-SU-2024:1489-1: important: Security update for the Linux Kernel


# Security update for the Linux Kernel

Announcement ID: SUSE-SU-2024:1489-1
Rating: important
References:

* bsc#1184942
* bsc#1186060
* bsc#1192145
* bsc#1194516
* bsc#1208995
* bsc#1209635
* bsc#1209657
* bsc#1212514
* bsc#1213456
* bsc#1217987
* bsc#1217988
* bsc#1217989
* bsc#1218336
* bsc#1218447
* bsc#1218479
* bsc#1218562
* bsc#1219170
* bsc#1219264
* bsc#1220320
* bsc#1220340
* bsc#1220366
* bsc#1220400
* bsc#1220411
* bsc#1220413
* bsc#1220414
* bsc#1220425
* bsc#1220426
* bsc#1220429
* bsc#1220432
* bsc#1220442
* bsc#1220445
* bsc#1220465
* bsc#1220468
* bsc#1220475
* bsc#1220484
* bsc#1220486
* bsc#1220487
* bsc#1220516
* bsc#1220521
* bsc#1220528
* bsc#1220529
* bsc#1220532
* bsc#1220554
* bsc#1220556
* bsc#1220557
* bsc#1220560
* bsc#1220561
* bsc#1220566
* bsc#1220575
* bsc#1220580
* bsc#1220583
* bsc#1220611
* bsc#1220615
* bsc#1220621
* bsc#1220625
* bsc#1220630
* bsc#1220631
* bsc#1220638
* bsc#1220639
* bsc#1220640
* bsc#1220641
* bsc#1220662
* bsc#1220663
* bsc#1220669
* bsc#1220670
* bsc#1220677
* bsc#1220678
* bsc#1220685
* bsc#1220687
* bsc#1220688
* bsc#1220692
* bsc#1220697
* bsc#1220703
* bsc#1220706
* bsc#1220733
* bsc#1220734
* bsc#1220739
* bsc#1220743
* bsc#1220745
* bsc#1220749
* bsc#1220751
* bsc#1220753
* bsc#1220758
* bsc#1220759
* bsc#1220764
* bsc#1220768
* bsc#1220769
* bsc#1220777
* bsc#1220779
* bsc#1220785
* bsc#1220790
* bsc#1220794
* bsc#1220824
* bsc#1220826
* bsc#1220829
* bsc#1220836
* bsc#1220846
* bsc#1220850
* bsc#1220861
* bsc#1220871
* bsc#1220883
* bsc#1220946
* bsc#1220954
* bsc#1220969
* bsc#1220979
* bsc#1220982
* bsc#1220985
* bsc#1220987
* bsc#1221015
* bsc#1221044
* bsc#1221058
* bsc#1221061
* bsc#1221077
* bsc#1221088
* bsc#1221276
* bsc#1221293
* bsc#1221532
* bsc#1221534
* bsc#1221541
* bsc#1221548
* bsc#1221552
* bsc#1221575
* bsc#1221605
* bsc#1221606
* bsc#1221608
* bsc#1221830
* bsc#1221931
* bsc#1221932
* bsc#1221934
* bsc#1221935
* bsc#1221949
* bsc#1221952
* bsc#1221965
* bsc#1221966
* bsc#1221969
* bsc#1221973
* bsc#1221974
* bsc#1221978
* bsc#1221989
* bsc#1221990
* bsc#1221991
* bsc#1221992
* bsc#1221993
* bsc#1221994
* bsc#1221996
* bsc#1221997
* bsc#1221998
* bsc#1221999
* bsc#1222000
* bsc#1222001
* bsc#1222002
* bsc#1222003
* bsc#1222004
* bsc#1222117
* bsc#1222422
* bsc#1222585
* bsc#1222619
* bsc#1222660
* bsc#1222664
* bsc#1222669
* bsc#1222706
* jsc#PED-5759
* jsc#SLE-13706
* jsc#SLE-15131
* jsc#SLE-15172
* jsc#SLE-15176

Cross-References:

* CVE-2020-36780
* CVE-2020-36781
* CVE-2020-36782
* CVE-2020-36783
* CVE-2021-23134
* CVE-2021-29155
* CVE-2021-46908
* CVE-2021-46909
* CVE-2021-46911
* CVE-2021-46914
* CVE-2021-46917
* CVE-2021-46918
* CVE-2021-46919
* CVE-2021-46920
* CVE-2021-46921
* CVE-2021-46922
* CVE-2021-46930
* CVE-2021-46931
* CVE-2021-46933
* CVE-2021-46938
* CVE-2021-46939
* CVE-2021-46943
* CVE-2021-46944
* CVE-2021-46950
* CVE-2021-46951
* CVE-2021-46956
* CVE-2021-46958
* CVE-2021-46959
* CVE-2021-46960
* CVE-2021-46961
* CVE-2021-46962
* CVE-2021-46963
* CVE-2021-46971
* CVE-2021-46976
* CVE-2021-46980
* CVE-2021-46981
* CVE-2021-46983
* CVE-2021-46984
* CVE-2021-46988
* CVE-2021-46990
* CVE-2021-46991
* CVE-2021-46992
* CVE-2021-46998
* CVE-2021-47000
* CVE-2021-47001
* CVE-2021-47003
* CVE-2021-47006
* CVE-2021-47009
* CVE-2021-47013
* CVE-2021-47014
* CVE-2021-47015
* CVE-2021-47017
* CVE-2021-47020
* CVE-2021-47026
* CVE-2021-47034
* CVE-2021-47035
* CVE-2021-47038
* CVE-2021-47044
* CVE-2021-47045
* CVE-2021-47046
* CVE-2021-47049
* CVE-2021-47051
* CVE-2021-47055
* CVE-2021-47056
* CVE-2021-47058
* CVE-2021-47061
* CVE-2021-47063
* CVE-2021-47065
* CVE-2021-47068
* CVE-2021-47069
* CVE-2021-47070
* CVE-2021-47071
* CVE-2021-47073
* CVE-2021-47077
* CVE-2021-47082
* CVE-2021-47087
* CVE-2021-47095
* CVE-2021-47097
* CVE-2021-47100
* CVE-2021-47101
* CVE-2021-47109
* CVE-2021-47110
* CVE-2021-47112
* CVE-2021-47114
* CVE-2021-47117
* CVE-2021-47118
* CVE-2021-47119
* CVE-2021-47120
* CVE-2021-47130
* CVE-2021-47136
* CVE-2021-47137
* CVE-2021-47138
* CVE-2021-47139
* CVE-2021-47141
* CVE-2021-47142
* CVE-2021-47144
* CVE-2021-47150
* CVE-2021-47153
* CVE-2021-47160
* CVE-2021-47161
* CVE-2021-47164
* CVE-2021-47165
* CVE-2021-47166
* CVE-2021-47167
* CVE-2021-47168
* CVE-2021-47169
* CVE-2021-47170
* CVE-2021-47171
* CVE-2021-47172
* CVE-2021-47173
* CVE-2021-47174
* CVE-2021-47175
* CVE-2021-47176
* CVE-2021-47177
* CVE-2021-47179
* CVE-2021-47180
* CVE-2021-47181
* CVE-2021-47183
* CVE-2021-47185
* CVE-2021-47189
* CVE-2022-0487
* CVE-2022-4744
* CVE-2022-48626
* CVE-2023-0160
* CVE-2023-1192
* CVE-2023-28746
* CVE-2023-35827
* CVE-2023-52454
* CVE-2023-52469
* CVE-2023-52470
* CVE-2023-52474
* CVE-2023-52476
* CVE-2023-52477
* CVE-2023-52492
* CVE-2023-52500
* CVE-2023-52508
* CVE-2023-52509
* CVE-2023-52572
* CVE-2023-52575
* CVE-2023-52583
* CVE-2023-52590
* CVE-2023-52591
* CVE-2023-52607
* CVE-2023-52628
* CVE-2023-6270
* CVE-2023-6356
* CVE-2023-6531
* CVE-2023-6535
* CVE-2023-6536
* CVE-2023-7042
* CVE-2023-7192
* CVE-2024-22099
* CVE-2024-26600
* CVE-2024-26614
* CVE-2024-26642
* CVE-2024-26704
* CVE-2024-26733

CVSS scores:

* CVE-2020-36780 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2020-36781 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2020-36782 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2020-36783 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-23134 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2021-23134 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2021-29155 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
* CVE-2021-29155 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2021-46908 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
* CVE-2021-46908 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-46909 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-46909 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-46911 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2021-46914 ( SUSE ): 4.3 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-46914 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-46917 ( SUSE ): 3.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:L
* CVE-2021-46917 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2021-46918 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
* CVE-2021-46918 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-46919 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-46919 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-46920 ( SUSE ): 1.9 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L
* CVE-2021-46920 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
* CVE-2021-46921 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
* CVE-2021-46922 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-46922 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-46930 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
* CVE-2021-46930 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-46931 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-46931 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-46933 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
* CVE-2021-46933 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-46938 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H
* CVE-2021-46938 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2021-46939 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-46939 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-46943 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-46943 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2021-46944 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-46944 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-46950 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
* CVE-2021-46950 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2021-46951 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-46951 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-46956 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-46958 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-46959 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2021-46960 ( SUSE ): 2.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L
* CVE-2021-46961 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-46962 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
* CVE-2021-46963 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-46971 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2021-46976 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-46980 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-46981 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-46983 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-46984 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-46988 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-46990 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-46991 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2021-46992 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
* CVE-2021-46998 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2021-47000 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2021-47001 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47003 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47006 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47009 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H
* CVE-2021-47013 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47014 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2021-47015 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47017 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2021-47020 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
* CVE-2021-47026 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47034 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47035 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
* CVE-2021-47038 ( SUSE ): 5.7 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47044 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2021-47045 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47046 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H
* CVE-2021-47049 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47051 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
* CVE-2021-47055 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47056 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47058 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:H
* CVE-2021-47061 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2021-47063 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2021-47065 ( SUSE ): 6.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H
* CVE-2021-47068 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2021-47069 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47070 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2021-47071 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2021-47073 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47077 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47082 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47087 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
* CVE-2021-47095 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47097 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2021-47100 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47101 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
* CVE-2021-47109 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47110 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47112 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2021-47114 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47117 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47118 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47119 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47120 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47130 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47136 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
* CVE-2021-47137 ( SUSE ): 6.4 CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H
* CVE-2021-47138 ( SUSE ): 4.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L
* CVE-2021-47139 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47141 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47142 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47144 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47150 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47153 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47160 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47161 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47164 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47164 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47165 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47166 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47167 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47168 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47169 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47170 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47171 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47171 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47172 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47173 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47173 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47174 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47175 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47176 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47177 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47179 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47179 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47180 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47181 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47183 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47185 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47189 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-0487 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-0487 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2022-4744 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-4744 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48626 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
* CVE-2022-48626 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-0160 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-0160 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-1192 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-1192 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-28746 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
* CVE-2023-35827 ( SUSE ): 6.4 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-35827 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-52454 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52454 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52469 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
* CVE-2023-52469 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-52470 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52470 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52474 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
* CVE-2023-52474 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-52476 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52477 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52492 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52500 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
* CVE-2023-52508 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52509 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-52572 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N
* CVE-2023-52575 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52583 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52590 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
* CVE-2023-52591 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2023-52607 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52628 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-6270 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-6270 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-6356 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-6356 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-6531 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-6531 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-6535 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-6535 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-6536 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-6536 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-7042 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-7042 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-7192 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-7192 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-22099 ( SUSE ): 5.3 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-22099 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26600 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26600 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26614 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26642 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26704 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26733 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* openSUSE Leap 15.3
* SUSE Enterprise Storage 7.1
* SUSE Linux Enterprise High Availability Extension 15 SP3
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
* SUSE Linux Enterprise Live Patching 15-SP3
* SUSE Linux Enterprise Micro 5.1
* SUSE Linux Enterprise Micro 5.2
* SUSE Linux Enterprise Micro for Rancher 5.2
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server 15 SP3 Business Critical Linux 15-SP3
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
* SUSE Manager Proxy 4.2
* SUSE Manager Retail Branch Server 4.2
* SUSE Manager Server 4.2

An update that solves 157 vulnerabilities, contains five features and has four
security fixes can now be installed.

## Description:

The SUSE Linux Enterprise 15 SP3 LTSS kernel was updated to receive various
security bugfixes.

The following security bugs were fixed:

* CVE-2020-36781: Fixed reference leak when pm_runtime_get_sync fails in
i2c/imx (bsc#1220557).
* CVE-2021-46911: Fixed kernel panic (bsc#1220400).
* CVE-2021-46914: Fixed unbalanced device enable/disable in suspend/resume in
pci_disable_device() (bsc#1220465).
* CVE-2021-46917: Fixed wq cleanup of WQCFG registers in idxd (bsc#1220432).
* CVE-2021-46918: Fixed not clearing MSIX permission entry on shutdown in idxd
(bsc#1220429).
* CVE-2021-46919: Fixed wq size store permission state in idxd (bsc#1220414).
* CVE-2021-46920: Fixed clobbering of SWERR overflow bit on writeback
(bsc#1220426).
* CVE-2021-46922: Fixed TPM reservation for seal/unseal (bsc#1220475).
* CVE-2021-46930: Fixed usb/mtu3 list_head check warning (bsc#1220484).
* CVE-2021-46931: Fixed wrong type casting in mlx5e_tx_reporter_dump_sq()
(bsc#1220486).
* CVE-2021-46933: Fixed possible underflow in ffs_data_clear() (bsc#1220487).
* CVE-2021-46956: Fixed memory leak in virtio_fs_probe() (bsc#1220516).
* CVE-2021-46959: Fixed use-after-free with devm_spi_alloc_* (bsc#1220734).
* CVE-2021-46961: Fixed spurious interrup handling (bsc#1220529).
* CVE-2021-46971: Fixed unconditional security_locked_down() call
(bsc#1220697).
* CVE-2021-46976: Fixed crash in auto_retire in drm/i915 (bsc#1220621).
* CVE-2021-46980: Fixed not retrieving all the PDOs instead of just the first
4 in usb/typec/ucsi (bsc#1220663).
* CVE-2021-46983: Fixed NULL pointer dereference when SEND is completed with
error (bsc#1220639).
* CVE-2021-46988: Fixed release page in error path to avoid BUG_ON
(bsc#1220706).
* CVE-2021-47001: Fixed cwnd update ordering in xprtrdma (bsc#1220670).
* CVE-2021-47003: Fixed potential null dereference on pointer status in
idxd_cmd_exec (bsc#1220677).
* CVE-2021-47009: Fixed memory leak on object td (bsc#1220733).
* CVE-2021-47014: Fixed wild memory access when clearing fragments in
net/sched/act_ct (bsc#1220630).
* CVE-2021-47017: Fixed use after free in ath10k_htc_send_bundle
(bsc#1220678).
* CVE-2021-47026: Fixed not destroying sysfs after removing session from
active list (bsc#1220685).
* CVE-2021-47035: Fixed wrong WO permissions on second-level paging entries in
iommu/vt-d (bsc#1220688).
* CVE-2021-47038: Fixed deadlock between hci_dev->lock and socket lock in
bluetooth (bsc#1220753).
* CVE-2021-47044: Fixed shift-out-of-bounds in load_balance() in sched/fair
(bsc#1220759).
* CVE-2021-47046: Fixed off by one in hdmi_14_process_transaction()
(bsc#1220758).
* CVE-2021-47087: Fixed incorrect page free bug in tee/optee (bsc#1220954).
* CVE-2021-47095: Fixed missing initialization in ipmi/ssif (bsc#1220979).
* CVE-2021-47097: Fixed stack out of bound access in
elantech_change_report_id() (bsc#1220982).
* CVE-2021-47100: Fixed UAF when uninstall in ipmi (bsc#1220985).
* CVE-2021-47101: Fixed uninit-value in asix_mdio_read() (bsc#1220987).
* CVE-2021-47109: Fixed NUD_NOARP entries to be forced GCed (bsc#1221534).
* CVE-2021-47130: Fixed freeing unallocated p2pmem in nvmet (bsc#1221552).
* CVE-2021-47137: Fixed memory corruption in RX ring in net/lantiq
(bsc#1221932).
* CVE-2021-47150: Fixed the potential memory leak in fec_enet_init()
(bsc#1221973).
* CVE-2021-47160: Fixed VLAN traffic leaks in dsa: mt7530 (bsc#1221974).
* CVE-2021-47164: Fixed null pointer dereference accessing lag dev in
net/mlx5e (bsc#1221978).
* CVE-2021-47174: Fixed missing check in irq_fpu_usable() (bsc#1221990).
* CVE-2021-47175: Fixed OOB access in net/sched/fq_pie (bsc#1222003).
* CVE-2021-47181: Fixed a null pointer dereference caused by calling
platform_get_resource() (bsc#1222660).
* CVE-2021-47183: Fixed a null pointer dereference during link down processing
in scsi lpfc (bsc#1192145, bsc#1222664).
* CVE-2021-47185: Fixed a softlockup issue in flush_to_ldisc in tty tty_buffer
(bsc#1222669).
* CVE-2021-47189: Fixed denial of service due to memory ordering issues
between normal and ordered work functions in btrfs (bsc#1222706).
* CVE-2023-0160: Fixed deadlock flaw in BPF that could allow a local user to
potentially crash the system (bsc#1209657).
* CVE-2023-28746: Fixed Register File Data Sampling (bsc#1213456).
* CVE-2023-52469: Fixed a use-after-free in kv_parse_power_table
(bsc#1220411).
* CVE-2023-52470: Fixed null-ptr-deref in radeon_crtc_init() (bsc#1220413).
* CVE-2023-52474: Fixed a vulnerability with non-PAGE_SIZE-end multi-iovec
user SDMA requests (bsc#1220445).
* CVE-2023-52476: Fixed possible unhandled page fault via perf sampling NMI
during vsyscall (bsc#1220703).
* CVE-2023-52492: Fixed a null-pointer-dereference in channel unregistration
function __dma_async_device_channel_register() (bsc#1221276).
* CVE-2023-52500: Fixed information leaking when processing
OPC_INB_SET_CONTROLLER_CONFIG command (bsc#1220883).
* CVE-2023-52508: Fixed null pointer dereference in nvme_fc_io_getuuid()
(bsc#1221015).
* CVE-2023-52575: Fixed SBPB enablement for spec_rstack_overflow=off
(bsc#1220871).
* CVE-2023-52583: Fixed deadlock or deadcode of misusing dget() inside ceph
(bsc#1221058).
* CVE-2023-52607: Fixed a null-pointer-dereference in pgtable_cache_add
kasprintf() (bsc#1221061).
* CVE-2023-52628: Fixed 4-byte stack OOB write in nftables (bsc#1222117).
* CVE-2023-6270: Fixed a use-after-free issue in aoecmd_cfg_pkts
(bsc#1218562).
* CVE-2023-6531: Fixed a use-after-free flaw due to a race problem in the unix
garbage collector's deletion of SKB races with unix_stream_read_generic()on
the socket that the SKB is queued on (bsc#1218447).
* CVE-2023-7042: Fixed a null-pointer-dereference in
ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() (bsc#1218336).
* CVE-2023-7192: Fixed a memory leak problem in ctnetlink_create_conntrack in
net/netfilter/nf_conntrack_netlink.c (bsc#1218479).
* CVE-2024-22099: Fixed a null-pointer-dereference in rfcomm_check_security
(bsc#1219170).
* CVE-2024-26600: Fixed NULL pointer dereference for SRP in phy-omap-usb2
(bsc#1220340).
* CVE-2024-26614: Fixed the initialization of accept_queue's spinlocks
(bsc#1221293).
* CVE-2024-26642: Fixed the set of anonymous timeout flag in netfilter
nf_tables (bsc#1221830).
* CVE-2024-26704: Fixed a double-free of blocks due to wrong extents moved_len
in ext4 (bsc#1222422).
* CVE-2024-26733: Fixed an overflow in arp_req_get() in arp (bsc#1222585).

The following non-security bugs were fixed:

* fs,hugetlb: fix NULL pointer dereference in hugetlbs_fill_super
(bsc#1219264).
* tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc (bsc#1222619).
* group-source-files.pl: Quote filenames (boo#1221077).
* kernel-binary: certs: Avoid trailing space
* mm: fix gup_pud_range (bsc#1220824).

## Special Instructions and Notes:

* Please reboot the system after installing this update.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Server for SAP Applications 15 SP3
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-1489=1

* SUSE Enterprise Storage 7.1
zypper in -t patch SUSE-Storage-7.1-2024-1489=1

* SUSE Linux Enterprise Micro 5.1
zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-1489=1

* SUSE Linux Enterprise Micro 5.2
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-1489=1

* SUSE Linux Enterprise Micro for Rancher 5.2
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-1489=1

* openSUSE Leap 15.3
zypper in -t patch SUSE-2024-1489=1

* SUSE Linux Enterprise Live Patching 15-SP3
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2024-1489=1

* SUSE Linux Enterprise High Availability Extension 15 SP3
zypper in -t patch SUSE-SLE-Product-HA-15-SP3-2024-1489=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-1489=1

* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-1489=1

## Package List:

* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (nosrc ppc64le
x86_64)
* kernel-default-5.3.18-150300.59.158.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
* kernel-default-devel-5.3.18-150300.59.158.1
* kernel-syms-5.3.18-150300.59.158.1
* reiserfs-kmp-default-debuginfo-5.3.18-150300.59.158.1
* reiserfs-kmp-default-5.3.18-150300.59.158.1
* kernel-default-debuginfo-5.3.18-150300.59.158.1
* kernel-obs-build-5.3.18-150300.59.158.1
* kernel-default-debugsource-5.3.18-150300.59.158.1
* kernel-default-base-5.3.18-150300.59.158.1.150300.18.92.5
* kernel-obs-build-debugsource-5.3.18-150300.59.158.1
* kernel-default-devel-debuginfo-5.3.18-150300.59.158.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch)
* kernel-source-5.3.18-150300.59.158.1
* kernel-devel-5.3.18-150300.59.158.1
* kernel-macros-5.3.18-150300.59.158.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch nosrc)
* kernel-docs-5.3.18-150300.59.158.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (nosrc x86_64)
* kernel-preempt-5.3.18-150300.59.158.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (x86_64)
* kernel-preempt-devel-debuginfo-5.3.18-150300.59.158.1
* kernel-preempt-devel-5.3.18-150300.59.158.1
* kernel-preempt-debuginfo-5.3.18-150300.59.158.1
* kernel-preempt-debugsource-5.3.18-150300.59.158.1
* SUSE Enterprise Storage 7.1 (aarch64 nosrc)
* kernel-64kb-5.3.18-150300.59.158.1
* SUSE Enterprise Storage 7.1 (aarch64)
* kernel-64kb-debugsource-5.3.18-150300.59.158.1
* kernel-64kb-devel-5.3.18-150300.59.158.1
* kernel-64kb-devel-debuginfo-5.3.18-150300.59.158.1
* kernel-64kb-debuginfo-5.3.18-150300.59.158.1
* SUSE Enterprise Storage 7.1 (aarch64 nosrc x86_64)
* kernel-default-5.3.18-150300.59.158.1
* kernel-preempt-5.3.18-150300.59.158.1
* SUSE Enterprise Storage 7.1 (aarch64 x86_64)
* kernel-default-devel-5.3.18-150300.59.158.1
* kernel-preempt-debugsource-5.3.18-150300.59.158.1
* kernel-syms-5.3.18-150300.59.158.1
* kernel-preempt-devel-5.3.18-150300.59.158.1
* reiserfs-kmp-default-debuginfo-5.3.18-150300.59.158.1
* kernel-preempt-debuginfo-5.3.18-150300.59.158.1
* reiserfs-kmp-default-5.3.18-150300.59.158.1
* kernel-default-debuginfo-5.3.18-150300.59.158.1
* kernel-obs-build-5.3.18-150300.59.158.1
* kernel-default-debugsource-5.3.18-150300.59.158.1
* kernel-default-base-5.3.18-150300.59.158.1.150300.18.92.5
* kernel-preempt-devel-debuginfo-5.3.18-150300.59.158.1
* kernel-obs-build-debugsource-5.3.18-150300.59.158.1
* kernel-default-devel-debuginfo-5.3.18-150300.59.158.1
* SUSE Enterprise Storage 7.1 (noarch)
* kernel-source-5.3.18-150300.59.158.1
* kernel-devel-5.3.18-150300.59.158.1
* kernel-macros-5.3.18-150300.59.158.1
* SUSE Enterprise Storage 7.1 (noarch nosrc)
* kernel-docs-5.3.18-150300.59.158.1
* SUSE Linux Enterprise Micro 5.1 (aarch64 nosrc s390x x86_64)
* kernel-default-5.3.18-150300.59.158.1
* SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64)
* kernel-default-debuginfo-5.3.18-150300.59.158.1
* kernel-default-debugsource-5.3.18-150300.59.158.1
* kernel-default-base-5.3.18-150300.59.158.1.150300.18.92.5
* SUSE Linux Enterprise Micro 5.2 (aarch64 nosrc s390x x86_64)
* kernel-default-5.3.18-150300.59.158.1
* SUSE Linux Enterprise Micro 5.2 (aarch64 x86_64)
* kernel-default-base-5.3.18-150300.59.158.1.150300.18.92.5
* SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64)
* kernel-default-debuginfo-5.3.18-150300.59.158.1
* kernel-default-debugsource-5.3.18-150300.59.158.1
* SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 nosrc s390x x86_64)
* kernel-default-5.3.18-150300.59.158.1
* SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 x86_64)
* kernel-default-base-5.3.18-150300.59.158.1.150300.18.92.5
* SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64)
* kernel-default-debuginfo-5.3.18-150300.59.158.1
* kernel-default-debugsource-5.3.18-150300.59.158.1
* openSUSE Leap 15.3 (noarch nosrc)
* kernel-docs-5.3.18-150300.59.158.1
* openSUSE Leap 15.3 (noarch)
* kernel-devel-5.3.18-150300.59.158.1
* kernel-docs-html-5.3.18-150300.59.158.1
* kernel-source-vanilla-5.3.18-150300.59.158.1
* kernel-source-5.3.18-150300.59.158.1
* kernel-macros-5.3.18-150300.59.158.1
* openSUSE Leap 15.3 (nosrc ppc64le x86_64)
* kernel-kvmsmall-5.3.18-150300.59.158.1
* kernel-debug-5.3.18-150300.59.158.1
* openSUSE Leap 15.3 (ppc64le x86_64)
* kernel-kvmsmall-devel-debuginfo-5.3.18-150300.59.158.1
* kernel-debug-devel-5.3.18-150300.59.158.1
* kernel-kvmsmall-debugsource-5.3.18-150300.59.158.1
* kernel-debug-devel-debuginfo-5.3.18-150300.59.158.1
* kernel-debug-debugsource-5.3.18-150300.59.158.1
* kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.158.1
* kernel-kvmsmall-devel-5.3.18-150300.59.158.1
* kernel-debug-debuginfo-5.3.18-150300.59.158.1
* kernel-kvmsmall-debuginfo-5.3.18-150300.59.158.1
* kernel-debug-livepatch-devel-5.3.18-150300.59.158.1
* openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64)
* kselftests-kmp-default-5.3.18-150300.59.158.1
* dlm-kmp-default-5.3.18-150300.59.158.1
* cluster-md-kmp-default-5.3.18-150300.59.158.1
* kernel-default-base-5.3.18-150300.59.158.1.150300.18.92.5
* kernel-default-extra-debuginfo-5.3.18-150300.59.158.1
* kernel-default-livepatch-5.3.18-150300.59.158.1
* gfs2-kmp-default-debuginfo-5.3.18-150300.59.158.1
* kernel-obs-qa-5.3.18-150300.59.158.1
* kernel-default-devel-5.3.18-150300.59.158.1
* kernel-syms-5.3.18-150300.59.158.1
* reiserfs-kmp-default-debuginfo-5.3.18-150300.59.158.1
* kernel-default-debugsource-5.3.18-150300.59.158.1
* kernel-default-optional-debuginfo-5.3.18-150300.59.158.1
* cluster-md-kmp-default-debuginfo-5.3.18-150300.59.158.1
* kernel-obs-build-debugsource-5.3.18-150300.59.158.1
* gfs2-kmp-default-5.3.18-150300.59.158.1
* kernel-default-livepatch-devel-5.3.18-150300.59.158.1
* kernel-default-extra-5.3.18-150300.59.158.1
* kselftests-kmp-default-debuginfo-5.3.18-150300.59.158.1
* reiserfs-kmp-default-5.3.18-150300.59.158.1
* dlm-kmp-default-debuginfo-5.3.18-150300.59.158.1
* kernel-default-devel-debuginfo-5.3.18-150300.59.158.1
* ocfs2-kmp-default-5.3.18-150300.59.158.1
* kernel-default-base-rebuild-5.3.18-150300.59.158.1.150300.18.92.5
* kernel-default-optional-5.3.18-150300.59.158.1
* kernel-default-debuginfo-5.3.18-150300.59.158.1
* kernel-obs-build-5.3.18-150300.59.158.1
* ocfs2-kmp-default-debuginfo-5.3.18-150300.59.158.1
* openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 nosrc)
* kernel-default-5.3.18-150300.59.158.1
* openSUSE Leap 15.3 (ppc64le s390x x86_64)
* kernel-livepatch-SLE15-SP3_Update_43-debugsource-1-150300.7.3.5
* kernel-livepatch-5_3_18-150300_59_158-default-1-150300.7.3.5
* kernel-livepatch-5_3_18-150300_59_158-default-debuginfo-1-150300.7.3.5
* openSUSE Leap 15.3 (x86_64)
* kernel-livepatch-5_3_18-150300_59_158-preempt-1-150300.7.3.5
* kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo-1-150300.7.3.5
* openSUSE Leap 15.3 (aarch64 x86_64)
* reiserfs-kmp-preempt-debuginfo-5.3.18-150300.59.158.1
* kernel-preempt-livepatch-devel-5.3.18-150300.59.158.1
* kselftests-kmp-preempt-5.3.18-150300.59.158.1
* dlm-kmp-preempt-5.3.18-150300.59.158.1
* kselftests-kmp-preempt-debuginfo-5.3.18-150300.59.158.1
* kernel-preempt-optional-debuginfo-5.3.18-150300.59.158.1
* ocfs2-kmp-preempt-debuginfo-5.3.18-150300.59.158.1
* ocfs2-kmp-preempt-5.3.18-150300.59.158.1
* kernel-preempt-debugsource-5.3.18-150300.59.158.1
* kernel-preempt-debuginfo-5.3.18-150300.59.158.1
* reiserfs-kmp-preempt-5.3.18-150300.59.158.1
* kernel-preempt-extra-5.3.18-150300.59.158.1
* gfs2-kmp-preempt-debuginfo-5.3.18-150300.59.158.1
* cluster-md-kmp-preempt-5.3.18-150300.59.158.1
* cluster-md-kmp-preempt-debuginfo-5.3.18-150300.59.158.1
* kernel-preempt-optional-5.3.18-150300.59.158.1
* kernel-preempt-devel-5.3.18-150300.59.158.1
* dlm-kmp-preempt-debuginfo-5.3.18-150300.59.158.1
* kernel-preempt-extra-debuginfo-5.3.18-150300.59.158.1
* kernel-preempt-devel-debuginfo-5.3.18-150300.59.158.1
* gfs2-kmp-preempt-5.3.18-150300.59.158.1
* openSUSE Leap 15.3 (aarch64 nosrc x86_64)
* kernel-preempt-5.3.18-150300.59.158.1
* openSUSE Leap 15.3 (nosrc s390x)
* kernel-zfcpdump-5.3.18-150300.59.158.1
* openSUSE Leap 15.3 (s390x)
* kernel-zfcpdump-debugsource-5.3.18-150300.59.158.1
* kernel-zfcpdump-debuginfo-5.3.18-150300.59.158.1
* openSUSE Leap 15.3 (nosrc)
* dtb-aarch64-5.3.18-150300.59.158.1
* openSUSE Leap 15.3 (aarch64)
* gfs2-kmp-64kb-5.3.18-150300.59.158.1
* dtb-al-5.3.18-150300.59.158.1
* dtb-xilinx-5.3.18-150300.59.158.1
* ocfs2-kmp-64kb-5.3.18-150300.59.158.1
* dtb-marvell-5.3.18-150300.59.158.1
* kernel-64kb-extra-5.3.18-150300.59.158.1
* kselftests-kmp-64kb-5.3.18-150300.59.158.1
* dtb-freescale-5.3.18-150300.59.158.1
* dtb-exynos-5.3.18-150300.59.158.1
* dtb-rockchip-5.3.18-150300.59.158.1
* dtb-broadcom-5.3.18-150300.59.158.1
* dtb-arm-5.3.18-150300.59.158.1
* dtb-mediatek-5.3.18-150300.59.158.1
* dlm-kmp-64kb-debuginfo-5.3.18-150300.59.158.1
* kernel-64kb-devel-5.3.18-150300.59.158.1
* kernel-64kb-optional-5.3.18-150300.59.158.1
* dtb-cavium-5.3.18-150300.59.158.1
* dtb-renesas-5.3.18-150300.59.158.1
* dtb-socionext-5.3.18-150300.59.158.1
* cluster-md-kmp-64kb-5.3.18-150300.59.158.1
* kselftests-kmp-64kb-debuginfo-5.3.18-150300.59.158.1
* kernel-64kb-devel-debuginfo-5.3.18-150300.59.158.1
* reiserfs-kmp-64kb-debuginfo-5.3.18-150300.59.158.1
* kernel-64kb-debugsource-5.3.18-150300.59.158.1
* dtb-amlogic-5.3.18-150300.59.158.1
* dtb-apm-5.3.18-150300.59.158.1
* dtb-allwinner-5.3.18-150300.59.158.1
* gfs2-kmp-64kb-debuginfo-5.3.18-150300.59.158.1
* kernel-64kb-extra-debuginfo-5.3.18-150300.59.158.1
* dtb-sprd-5.3.18-150300.59.158.1
* dtb-qcom-5.3.18-150300.59.158.1
* dtb-lg-5.3.18-150300.59.158.1
* kernel-64kb-debuginfo-5.3.18-150300.59.158.1
* reiserfs-kmp-64kb-5.3.18-150300.59.158.1
* ocfs2-kmp-64kb-debuginfo-5.3.18-150300.59.158.1
* dtb-altera-5.3.18-150300.59.158.1
* dtb-nvidia-5.3.18-150300.59.158.1
* cluster-md-kmp-64kb-debuginfo-5.3.18-150300.59.158.1
* kernel-64kb-livepatch-devel-5.3.18-150300.59.158.1
* dtb-hisilicon-5.3.18-150300.59.158.1
* dtb-zte-5.3.18-150300.59.158.1
* dlm-kmp-64kb-5.3.18-150300.59.158.1
* kernel-64kb-optional-debuginfo-5.3.18-150300.59.158.1
* dtb-amd-5.3.18-150300.59.158.1
* openSUSE Leap 15.3 (aarch64 nosrc)
* kernel-64kb-5.3.18-150300.59.158.1
* SUSE Linux Enterprise Live Patching 15-SP3 (nosrc)
* kernel-default-5.3.18-150300.59.158.1
* SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64)
* kernel-default-debuginfo-5.3.18-150300.59.158.1
* kernel-default-debugsource-5.3.18-150300.59.158.1
* kernel-default-livepatch-5.3.18-150300.59.158.1
* kernel-livepatch-5_3_18-150300_59_158-default-1-150300.7.3.5
* kernel-default-livepatch-devel-5.3.18-150300.59.158.1
* SUSE Linux Enterprise High Availability Extension 15 SP3 (aarch64 ppc64le
s390x x86_64)
* ocfs2-kmp-default-5.3.18-150300.59.158.1
* dlm-kmp-default-debuginfo-5.3.18-150300.59.158.1
* kernel-default-debuginfo-5.3.18-150300.59.158.1
* dlm-kmp-default-5.3.18-150300.59.158.1
* kernel-default-debugsource-5.3.18-150300.59.158.1
* cluster-md-kmp-default-5.3.18-150300.59.158.1
* ocfs2-kmp-default-debuginfo-5.3.18-150300.59.158.1
* cluster-md-kmp-default-debuginfo-5.3.18-150300.59.158.1
* gfs2-kmp-default-debuginfo-5.3.18-150300.59.158.1
* gfs2-kmp-default-5.3.18-150300.59.158.1
* SUSE Linux Enterprise High Availability Extension 15 SP3 (nosrc)
* kernel-default-5.3.18-150300.59.158.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 nosrc)
* kernel-64kb-5.3.18-150300.59.158.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64)
* kernel-64kb-debugsource-5.3.18-150300.59.158.1
* kernel-64kb-devel-5.3.18-150300.59.158.1
* kernel-64kb-devel-debuginfo-5.3.18-150300.59.158.1
* kernel-64kb-debuginfo-5.3.18-150300.59.158.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 nosrc
x86_64)
* kernel-default-5.3.18-150300.59.158.1
* kernel-preempt-5.3.18-150300.59.158.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
x86_64)
* kernel-default-devel-5.3.18-150300.59.158.1
* kernel-preempt-debugsource-5.3.18-150300.59.158.1
* kernel-syms-5.3.18-150300.59.158.1
* kernel-preempt-devel-5.3.18-150300.59.158.1
* reiserfs-kmp-default-debuginfo-5.3.18-150300.59.158.1
* kernel-preempt-debuginfo-5.3.18-150300.59.158.1
* reiserfs-kmp-default-5.3.18-150300.59.158.1
* kernel-default-debuginfo-5.3.18-150300.59.158.1
* kernel-obs-build-5.3.18-150300.59.158.1
* kernel-default-debugsource-5.3.18-150300.59.158.1
* kernel-default-base-5.3.18-150300.59.158.1.150300.18.92.5
* kernel-preempt-devel-debuginfo-5.3.18-150300.59.158.1
* kernel-obs-build-debugsource-5.3.18-150300.59.158.1
* kernel-default-devel-debuginfo-5.3.18-150300.59.158.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch)
* kernel-source-5.3.18-150300.59.158.1
* kernel-devel-5.3.18-150300.59.158.1
* kernel-macros-5.3.18-150300.59.158.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch nosrc)
* kernel-docs-5.3.18-150300.59.158.1
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 nosrc)
* kernel-64kb-5.3.18-150300.59.158.1
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64)
* kernel-64kb-debugsource-5.3.18-150300.59.158.1
* kernel-64kb-devel-5.3.18-150300.59.158.1
* kernel-64kb-devel-debuginfo-5.3.18-150300.59.158.1
* kernel-64kb-debuginfo-5.3.18-150300.59.158.1
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x
x86_64 nosrc)
* kernel-default-5.3.18-150300.59.158.1
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x
x86_64)
* kernel-default-devel-5.3.18-150300.59.158.1
* kernel-syms-5.3.18-150300.59.158.1
* reiserfs-kmp-default-debuginfo-5.3.18-150300.59.158.1
* reiserfs-kmp-default-5.3.18-150300.59.158.1
* kernel-default-debuginfo-5.3.18-150300.59.158.1
* kernel-obs-build-5.3.18-150300.59.158.1
* kernel-default-debugsource-5.3.18-150300.59.158.1
* kernel-default-base-5.3.18-150300.59.158.1.150300.18.92.5
* kernel-obs-build-debugsource-5.3.18-150300.59.158.1
* kernel-default-devel-debuginfo-5.3.18-150300.59.158.1
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch)
* kernel-source-5.3.18-150300.59.158.1
* kernel-devel-5.3.18-150300.59.158.1
* kernel-macros-5.3.18-150300.59.158.1
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch nosrc)
* kernel-docs-5.3.18-150300.59.158.1
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 nosrc x86_64)
* kernel-preempt-5.3.18-150300.59.158.1
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 x86_64)
* kernel-preempt-devel-debuginfo-5.3.18-150300.59.158.1
* kernel-preempt-devel-5.3.18-150300.59.158.1
* kernel-preempt-debuginfo-5.3.18-150300.59.158.1
* kernel-preempt-debugsource-5.3.18-150300.59.158.1
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (nosrc s390x)
* kernel-zfcpdump-5.3.18-150300.59.158.1
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (s390x)
* kernel-zfcpdump-debugsource-5.3.18-150300.59.158.1
* kernel-zfcpdump-debuginfo-5.3.18-150300.59.158.1

## References:

* https://www.suse.com/security/cve/CVE-2020-36780.html
* https://www.suse.com/security/cve/CVE-2020-36781.html
* https://www.suse.com/security/cve/CVE-2020-36782.html
* https://www.suse.com/security/cve/CVE-2020-36783.html
* https://www.suse.com/security/cve/CVE-2021-23134.html
* https://www.suse.com/security/cve/CVE-2021-29155.html
* https://www.suse.com/security/cve/CVE-2021-46908.html
* https://www.suse.com/security/cve/CVE-2021-46909.html
* https://www.suse.com/security/cve/CVE-2021-46911.html
* https://www.suse.com/security/cve/CVE-2021-46914.html
* https://www.suse.com/security/cve/CVE-2021-46917.html
* https://www.suse.com/security/cve/CVE-2021-46918.html
* https://www.suse.com/security/cve/CVE-2021-46919.html
* https://www.suse.com/security/cve/CVE-2021-46920.html
* https://www.suse.com/security/cve/CVE-2021-46921.html
* https://www.suse.com/security/cve/CVE-2021-46922.html
* https://www.suse.com/security/cve/CVE-2021-46930.html
* https://www.suse.com/security/cve/CVE-2021-46931.html
* https://www.suse.com/security/cve/CVE-2021-46933.html
* https://www.suse.com/security/cve/CVE-2021-46938.html
* https://www.suse.com/security/cve/CVE-2021-46939.html
* https://www.suse.com/security/cve/CVE-2021-46943.html
* https://www.suse.com/security/cve/CVE-2021-46944.html
* https://www.suse.com/security/cve/CVE-2021-46950.html
* https://www.suse.com/security/cve/CVE-2021-46951.html
* https://www.suse.com/security/cve/CVE-2021-46956.html
* https://www.suse.com/security/cve/CVE-2021-46958.html
* https://www.suse.com/security/cve/CVE-2021-46959.html
* https://www.suse.com/security/cve/CVE-2021-46960.html
* https://www.suse.com/security/cve/CVE-2021-46961.html
* https://www.suse.com/security/cve/CVE-2021-46962.html
* https://www.suse.com/security/cve/CVE-2021-46963.html
* https://www.suse.com/security/cve/CVE-2021-46971.html
* https://www.suse.com/security/cve/CVE-2021-46976.html
* https://www.suse.com/security/cve/CVE-2021-46980.html
* https://www.suse.com/security/cve/CVE-2021-46981.html
* https://www.suse.com/security/cve/CVE-2021-46983.html
* https://www.suse.com/security/cve/CVE-2021-46984.html
* https://www.suse.com/security/cve/CVE-2021-46988.html
* https://www.suse.com/security/cve/CVE-2021-46990.html
* https://www.suse.com/security/cve/CVE-2021-46991.html
* https://www.suse.com/security/cve/CVE-2021-46992.html
* https://www.suse.com/security/cve/CVE-2021-46998.html
* https://www.suse.com/security/cve/CVE-2021-47000.html
* https://www.suse.com/security/cve/CVE-2021-47001.html
* https://www.suse.com/security/cve/CVE-2021-47003.html
* https://www.suse.com/security/cve/CVE-2021-47006.html
* https://www.suse.com/security/cve/CVE-2021-47009.html
* https://www.suse.com/security/cve/CVE-2021-47013.html
* https://www.suse.com/security/cve/CVE-2021-47014.html
* https://www.suse.com/security/cve/CVE-2021-47015.html
* https://www.suse.com/security/cve/CVE-2021-47017.html
* https://www.suse.com/security/cve/CVE-2021-47020.html
* https://www.suse.com/security/cve/CVE-2021-47026.html
* https://www.suse.com/security/cve/CVE-2021-47034.html
* https://www.suse.com/security/cve/CVE-2021-47035.html
* https://www.suse.com/security/cve/CVE-2021-47038.html
* https://www.suse.com/security/cve/CVE-2021-47044.html
* https://www.suse.com/security/cve/CVE-2021-47045.html
* https://www.suse.com/security/cve/CVE-2021-47046.html
* https://www.suse.com/security/cve/CVE-2021-47049.html
* https://www.suse.com/security/cve/CVE-2021-47051.html
* https://www.suse.com/security/cve/CVE-2021-47055.html
* https://www.suse.com/security/cve/CVE-2021-47056.html
* https://www.suse.com/security/cve/CVE-2021-47058.html
* https://www.suse.com/security/cve/CVE-2021-47061.html
* https://www.suse.com/security/cve/CVE-2021-47063.html
* https://www.suse.com/security/cve/CVE-2021-47065.html
* https://www.suse.com/security/cve/CVE-2021-47068.html
* https://www.suse.com/security/cve/CVE-2021-47069.html
* https://www.suse.com/security/cve/CVE-2021-47070.html
* https://www.suse.com/security/cve/CVE-2021-47071.html
* https://www.suse.com/security/cve/CVE-2021-47073.html
* https://www.suse.com/security/cve/CVE-2021-47077.html
* https://www.suse.com/security/cve/CVE-2021-47082.html
* https://www.suse.com/security/cve/CVE-2021-47087.html
* https://www.suse.com/security/cve/CVE-2021-47095.html
* https://www.suse.com/security/cve/CVE-2021-47097.html
* https://www.suse.com/security/cve/CVE-2021-47100.html
* https://www.suse.com/security/cve/CVE-2021-47101.html
* https://www.suse.com/security/cve/CVE-2021-47109.html
* https://www.suse.com/security/cve/CVE-2021-47110.html
* https://www.suse.com/security/cve/CVE-2021-47112.html
* https://www.suse.com/security/cve/CVE-2021-47114.html
* https://www.suse.com/security/cve/CVE-2021-47117.html
* https://www.suse.com/security/cve/CVE-2021-47118.html
* https://www.suse.com/security/cve/CVE-2021-47119.html
* https://www.suse.com/security/cve/CVE-2021-47120.html
* https://www.suse.com/security/cve/CVE-2021-47130.html
* https://www.suse.com/security/cve/CVE-2021-47136.html
* https://www.suse.com/security/cve/CVE-2021-47137.html
* https://www.suse.com/security/cve/CVE-2021-47138.html
* https://www.suse.com/security/cve/CVE-2021-47139.html
* https://www.suse.com/security/cve/CVE-2021-47141.html
* https://www.suse.com/security/cve/CVE-2021-47142.html
* https://www.suse.com/security/cve/CVE-2021-47144.html
* https://www.suse.com/security/cve/CVE-2021-47150.html
* https://www.suse.com/security/cve/CVE-2021-47153.html
* https://www.suse.com/security/cve/CVE-2021-47160.html
* https://www.suse.com/security/cve/CVE-2021-47161.html
* https://www.suse.com/security/cve/CVE-2021-47164.html
* https://www.suse.com/security/cve/CVE-2021-47165.html
* https://www.suse.com/security/cve/CVE-2021-47166.html
* https://www.suse.com/security/cve/CVE-2021-47167.html
* https://www.suse.com/security/cve/CVE-2021-47168.html
* https://www.suse.com/security/cve/CVE-2021-47169.html
* https://www.suse.com/security/cve/CVE-2021-47170.html
* https://www.suse.com/security/cve/CVE-2021-47171.html
* https://www.suse.com/security/cve/CVE-2021-47172.html
* https://www.suse.com/security/cve/CVE-2021-47173.html
* https://www.suse.com/security/cve/CVE-2021-47174.html
* https://www.suse.com/security/cve/CVE-2021-47175.html
* https://www.suse.com/security/cve/CVE-2021-47176.html
* https://www.suse.com/security/cve/CVE-2021-47177.html
* https://www.suse.com/security/cve/CVE-2021-47179.html
* https://www.suse.com/security/cve/CVE-2021-47180.html
* https://www.suse.com/security/cve/CVE-2021-47181.html
* https://www.suse.com/security/cve/CVE-2021-47183.html
* https://www.suse.com/security/cve/CVE-2021-47185.html
* https://www.suse.com/security/cve/CVE-2021-47189.html
* https://www.suse.com/security/cve/CVE-2022-0487.html
* https://www.suse.com/security/cve/CVE-2022-4744.html
* https://www.suse.com/security/cve/CVE-2022-48626.html
* https://www.suse.com/security/cve/CVE-2023-0160.html
* https://www.suse.com/security/cve/CVE-2023-1192.html
* https://www.suse.com/security/cve/CVE-2023-28746.html
* https://www.suse.com/security/cve/CVE-2023-35827.html
* https://www.suse.com/security/cve/CVE-2023-52454.html
* https://www.suse.com/security/cve/CVE-2023-52469.html
* https://www.suse.com/security/cve/CVE-2023-52470.html
* https://www.suse.com/security/cve/CVE-2023-52474.html
* https://www.suse.com/security/cve/CVE-2023-52476.html
* https://www.suse.com/security/cve/CVE-2023-52477.html
* https://www.suse.com/security/cve/CVE-2023-52492.html
* https://www.suse.com/security/cve/CVE-2023-52500.html
* https://www.suse.com/security/cve/CVE-2023-52508.html
* https://www.suse.com/security/cve/CVE-2023-52509.html
* https://www.suse.com/security/cve/CVE-2023-52572.html
* https://www.suse.com/security/cve/CVE-2023-52575.html
* https://www.suse.com/security/cve/CVE-2023-52583.html
* https://www.suse.com/security/cve/CVE-2023-52590.html
* https://www.suse.com/security/cve/CVE-2023-52591.html
* https://www.suse.com/security/cve/CVE-2023-52607.html
* https://www.suse.com/security/cve/CVE-2023-52628.html
* https://www.suse.com/security/cve/CVE-2023-6270.html
* https://www.suse.com/security/cve/CVE-2023-6356.html
* https://www.suse.com/security/cve/CVE-2023-6531.html
* https://www.suse.com/security/cve/CVE-2023-6535.html
* https://www.suse.com/security/cve/CVE-2023-6536.html
* https://www.suse.com/security/cve/CVE-2023-7042.html
* https://www.suse.com/security/cve/CVE-2023-7192.html
* https://www.suse.com/security/cve/CVE-2024-22099.html
* https://www.suse.com/security/cve/CVE-2024-26600.html
* https://www.suse.com/security/cve/CVE-2024-26614.html
* https://www.suse.com/security/cve/CVE-2024-26642.html
* https://www.suse.com/security/cve/CVE-2024-26704.html
* https://www.suse.com/security/cve/CVE-2024-26733.html
* https://bugzilla.suse.com/show_bug.cgi?id=1184942
* https://bugzilla.suse.com/show_bug.cgi?id=1186060
* https://bugzilla.suse.com/show_bug.cgi?id=1192145
* https://bugzilla.suse.com/show_bug.cgi?id=1194516
* https://bugzilla.suse.com/show_bug.cgi?id=1208995
* https://bugzilla.suse.com/show_bug.cgi?id=1209635
* https://bugzilla.suse.com/show_bug.cgi?id=1209657
* https://bugzilla.suse.com/show_bug.cgi?id=1212514
* https://bugzilla.suse.com/show_bug.cgi?id=1213456
* https://bugzilla.suse.com/show_bug.cgi?id=1217987
* https://bugzilla.suse.com/show_bug.cgi?id=1217988
* https://bugzilla.suse.com/show_bug.cgi?id=1217989
* https://bugzilla.suse.com/show_bug.cgi?id=1218336
* https://bugzilla.suse.com/show_bug.cgi?id=1218447
* https://bugzilla.suse.com/show_bug.cgi?id=1218479
* https://bugzilla.suse.com/show_bug.cgi?id=1218562
* https://bugzilla.suse.com/show_bug.cgi?id=1219170
* https://bugzilla.suse.com/show_bug.cgi?id=1219264
* https://bugzilla.suse.com/show_bug.cgi?id=1220320
* https://bugzilla.suse.com/show_bug.cgi?id=1220340
* https://bugzilla.suse.com/show_bug.cgi?id=1220366
* https://bugzilla.suse.com/show_bug.cgi?id=1220400
* https://bugzilla.suse.com/show_bug.cgi?id=1220411
* https://bugzilla.suse.com/show_bug.cgi?id=1220413
* https://bugzilla.suse.com/show_bug.cgi?id=1220414
* https://bugzilla.suse.com/show_bug.cgi?id=1220425
* https://bugzilla.suse.com/show_bug.cgi?id=1220426
* https://bugzilla.suse.com/show_bug.cgi?id=1220429
* https://bugzilla.suse.com/show_bug.cgi?id=1220432
* https://bugzilla.suse.com/show_bug.cgi?id=1220442
* https://bugzilla.suse.com/show_bug.cgi?id=1220445
* https://bugzilla.suse.com/show_bug.cgi?id=1220465
* https://bugzilla.suse.com/show_bug.cgi?id=1220468
* https://bugzilla.suse.com/show_bug.cgi?id=1220475
* https://bugzilla.suse.com/show_bug.cgi?id=1220484
* https://bugzilla.suse.com/show_bug.cgi?id=1220486
* https://bugzilla.suse.com/show_bug.cgi?id=1220487
* https://bugzilla.suse.com/show_bug.cgi?id=1220516
* https://bugzilla.suse.com/show_bug.cgi?id=1220521
* https://bugzilla.suse.com/show_bug.cgi?id=1220528
* https://bugzilla.suse.com/show_bug.cgi?id=1220529
* https://bugzilla.suse.com/show_bug.cgi?id=1220532
* https://bugzilla.suse.com/show_bug.cgi?id=1220554
* https://bugzilla.suse.com/show_bug.cgi?id=1220556
* https://bugzilla.suse.com/show_bug.cgi?id=1220557
* https://bugzilla.suse.com/show_bug.cgi?id=1220560
* https://bugzilla.suse.com/show_bug.cgi?id=1220561
* https://bugzilla.suse.com/show_bug.cgi?id=1220566
* https://bugzilla.suse.com/show_bug.cgi?id=1220575
* https://bugzilla.suse.com/show_bug.cgi?id=1220580
* https://bugzilla.suse.com/show_bug.cgi?id=1220583
* https://bugzilla.suse.com/show_bug.cgi?id=1220611
* https://bugzilla.suse.com/show_bug.cgi?id=1220615
* https://bugzilla.suse.com/show_bug.cgi?id=1220621
* https://bugzilla.suse.com/show_bug.cgi?id=1220625
* https://bugzilla.suse.com/show_bug.cgi?id=1220630
* https://bugzilla.suse.com/show_bug.cgi?id=1220631
* https://bugzilla.suse.com/show_bug.cgi?id=1220638
* https://bugzilla.suse.com/show_bug.cgi?id=1220639
* https://bugzilla.suse.com/show_bug.cgi?id=1220640
* https://bugzilla.suse.com/show_bug.cgi?id=1220641
* https://bugzilla.suse.com/show_bug.cgi?id=1220662
* https://bugzilla.suse.com/show_bug.cgi?id=1220663
* https://bugzilla.suse.com/show_bug.cgi?id=1220669
* https://bugzilla.suse.com/show_bug.cgi?id=1220670
* https://bugzilla.suse.com/show_bug.cgi?id=1220677
* https://bugzilla.suse.com/show_bug.cgi?id=1220678
* https://bugzilla.suse.com/show_bug.cgi?id=1220685
* https://bugzilla.suse.com/show_bug.cgi?id=1220687
* https://bugzilla.suse.com/show_bug.cgi?id=1220688
* https://bugzilla.suse.com/show_bug.cgi?id=1220692
* https://bugzilla.suse.com/show_bug.cgi?id=1220697
* https://bugzilla.suse.com/show_bug.cgi?id=1220703
* https://bugzilla.suse.com/show_bug.cgi?id=1220706
* https://bugzilla.suse.com/show_bug.cgi?id=1220733
* https://bugzilla.suse.com/show_bug.cgi?id=1220734
* https://bugzilla.suse.com/show_bug.cgi?id=1220739
* https://bugzilla.suse.com/show_bug.cgi?id=1220743
* https://bugzilla.suse.com/show_bug.cgi?id=1220745
* https://bugzilla.suse.com/show_bug.cgi?id=1220749
* https://bugzilla.suse.com/show_bug.cgi?id=1220751
* https://bugzilla.suse.com/show_bug.cgi?id=1220753
* https://bugzilla.suse.com/show_bug.cgi?id=1220758
* https://bugzilla.suse.com/show_bug.cgi?id=1220759
* https://bugzilla.suse.com/show_bug.cgi?id=1220764
* https://bugzilla.suse.com/show_bug.cgi?id=1220768
* https://bugzilla.suse.com/show_bug.cgi?id=1220769
* https://bugzilla.suse.com/show_bug.cgi?id=1220777
* https://bugzilla.suse.com/show_bug.cgi?id=1220779
* https://bugzilla.suse.com/show_bug.cgi?id=1220785
* https://bugzilla.suse.com/show_bug.cgi?id=1220790
* https://bugzilla.suse.com/show_bug.cgi?id=1220794
* https://bugzilla.suse.com/show_bug.cgi?id=1220824
* https://bugzilla.suse.com/show_bug.cgi?id=1220826
* https://bugzilla.suse.com/show_bug.cgi?id=1220829
* https://bugzilla.suse.com/show_bug.cgi?id=1220836
* https://bugzilla.suse.com/show_bug.cgi?id=1220846
* https://bugzilla.suse.com/show_bug.cgi?id=1220850
* https://bugzilla.suse.com/show_bug.cgi?id=1220861
* https://bugzilla.suse.com/show_bug.cgi?id=1220871
* https://bugzilla.suse.com/show_bug.cgi?id=1220883
* https://bugzilla.suse.com/show_bug.cgi?id=1220946
* https://bugzilla.suse.com/show_bug.cgi?id=1220954
* https://bugzilla.suse.com/show_bug.cgi?id=1220969
* https://bugzilla.suse.com/show_bug.cgi?id=1220979
* https://bugzilla.suse.com/show_bug.cgi?id=1220982
* https://bugzilla.suse.com/show_bug.cgi?id=1220985
* https://bugzilla.suse.com/show_bug.cgi?id=1220987
* https://bugzilla.suse.com/show_bug.cgi?id=1221015
* https://bugzilla.suse.com/show_bug.cgi?id=1221044
* https://bugzilla.suse.com/show_bug.cgi?id=1221058
* https://bugzilla.suse.com/show_bug.cgi?id=1221061
* https://bugzilla.suse.com/show_bug.cgi?id=1221077
* https://bugzilla.suse.com/show_bug.cgi?id=1221088
* https://bugzilla.suse.com/show_bug.cgi?id=1221276
* https://bugzilla.suse.com/show_bug.cgi?id=1221293
* https://bugzilla.suse.com/show_bug.cgi?id=1221532
* https://bugzilla.suse.com/show_bug.cgi?id=1221534
* https://bugzilla.suse.com/show_bug.cgi?id=1221541
* https://bugzilla.suse.com/show_bug.cgi?id=1221548
* https://bugzilla.suse.com/show_bug.cgi?id=1221552
* https://bugzilla.suse.com/show_bug.cgi?id=1221575
* https://bugzilla.suse.com/show_bug.cgi?id=1221605
* https://bugzilla.suse.com/show_bug.cgi?id=1221606
* https://bugzilla.suse.com/show_bug.cgi?id=1221608
* https://bugzilla.suse.com/show_bug.cgi?id=1221830
* https://bugzilla.suse.com/show_bug.cgi?id=1221931
* https://bugzilla.suse.com/show_bug.cgi?id=1221932
* https://bugzilla.suse.com/show_bug.cgi?id=1221934
* https://bugzilla.suse.com/show_bug.cgi?id=1221935
* https://bugzilla.suse.com/show_bug.cgi?id=1221949
* https://bugzilla.suse.com/show_bug.cgi?id=1221952
* https://bugzilla.suse.com/show_bug.cgi?id=1221965
* https://bugzilla.suse.com/show_bug.cgi?id=1221966
* https://bugzilla.suse.com/show_bug.cgi?id=1221969
* https://bugzilla.suse.com/show_bug.cgi?id=1221973
* https://bugzilla.suse.com/show_bug.cgi?id=1221974
* https://bugzilla.suse.com/show_bug.cgi?id=1221978
* https://bugzilla.suse.com/show_bug.cgi?id=1221989
* https://bugzilla.suse.com/show_bug.cgi?id=1221990
* https://bugzilla.suse.com/show_bug.cgi?id=1221991
* https://bugzilla.suse.com/show_bug.cgi?id=1221992
* https://bugzilla.suse.com/show_bug.cgi?id=1221993
* https://bugzilla.suse.com/show_bug.cgi?id=1221994
* https://bugzilla.suse.com/show_bug.cgi?id=1221996
* https://bugzilla.suse.com/show_bug.cgi?id=1221997
* https://bugzilla.suse.com/show_bug.cgi?id=1221998
* https://bugzilla.suse.com/show_bug.cgi?id=1221999
* https://bugzilla.suse.com/show_bug.cgi?id=1222000
* https://bugzilla.suse.com/show_bug.cgi?id=1222001
* https://bugzilla.suse.com/show_bug.cgi?id=1222002
* https://bugzilla.suse.com/show_bug.cgi?id=1222003
* https://bugzilla.suse.com/show_bug.cgi?id=1222004
* https://bugzilla.suse.com/show_bug.cgi?id=1222117
* https://bugzilla.suse.com/show_bug.cgi?id=1222422
* https://bugzilla.suse.com/show_bug.cgi?id=1222585
* https://bugzilla.suse.com/show_bug.cgi?id=1222619
* https://bugzilla.suse.com/show_bug.cgi?id=1222660
* https://bugzilla.suse.com/show_bug.cgi?id=1222664
* https://bugzilla.suse.com/show_bug.cgi?id=1222669
* https://bugzilla.suse.com/show_bug.cgi?id=1222706
* https://jira.suse.com/browse/PED-5759
* https://jira.suse.com/browse/SLE-13706
* https://jira.suse.com/browse/SLE-15131
* https://jira.suse.com/browse/SLE-15172
* https://jira.suse.com/browse/SLE-15176



SUSE-SU-2024:1663-1: important: Security update for the Linux Kernel


# Security update for the Linux Kernel

Announcement ID: SUSE-SU-2024:1663-1
Rating: important
References:

* bsc#1141539
* bsc#1177529
* bsc#1190576
* bsc#1192145
* bsc#1192837
* bsc#1193629
* bsc#1196869
* bsc#1200313
* bsc#1201308
* bsc#1201489
* bsc#1203906
* bsc#1203935
* bsc#1204614
* bsc#1207361
* bsc#1211592
* bsc#1213573
* bsc#1217408
* bsc#1218562
* bsc#1218917
* bsc#1219104
* bsc#1219126
* bsc#1219141
* bsc#1219169
* bsc#1219170
* bsc#1219264
* bsc#1220342
* bsc#1220492
* bsc#1220569
* bsc#1220761
* bsc#1220901
* bsc#1220915
* bsc#1220935
* bsc#1221042
* bsc#1221044
* bsc#1221080
* bsc#1221084
* bsc#1221088
* bsc#1221162
* bsc#1221299
* bsc#1221612
* bsc#1221617
* bsc#1221645
* bsc#1221791
* bsc#1221825
* bsc#1222011
* bsc#1222051
* bsc#1222247
* bsc#1222266
* bsc#1222294
* bsc#1222307
* bsc#1222357
* bsc#1222368
* bsc#1222379
* bsc#1222416
* bsc#1222422
* bsc#1222424
* bsc#1222427
* bsc#1222428
* bsc#1222430
* bsc#1222431
* bsc#1222435
* bsc#1222437
* bsc#1222445
* bsc#1222449
* bsc#1222482
* bsc#1222503
* bsc#1222520
* bsc#1222536
* bsc#1222549
* bsc#1222550
* bsc#1222557
* bsc#1222559
* bsc#1222585
* bsc#1222586
* bsc#1222596
* bsc#1222609
* bsc#1222610
* bsc#1222613
* bsc#1222615
* bsc#1222618
* bsc#1222624
* bsc#1222630
* bsc#1222632
* bsc#1222660
* bsc#1222662
* bsc#1222664
* bsc#1222666
* bsc#1222669
* bsc#1222671
* bsc#1222677
* bsc#1222678
* bsc#1222680
* bsc#1222703
* bsc#1222704
* bsc#1222706
* bsc#1222709
* bsc#1222710
* bsc#1222720
* bsc#1222721
* bsc#1222724
* bsc#1222726
* bsc#1222727
* bsc#1222764
* bsc#1222772
* bsc#1222773
* bsc#1222776
* bsc#1222781
* bsc#1222784
* bsc#1222785
* bsc#1222787
* bsc#1222790
* bsc#1222791
* bsc#1222792
* bsc#1222796
* bsc#1222798
* bsc#1222801
* bsc#1222812
* bsc#1222824
* bsc#1222829
* bsc#1222832
* bsc#1222836
* bsc#1222838
* bsc#1222866
* bsc#1222867
* bsc#1222869
* bsc#1222876
* bsc#1222878
* bsc#1222879
* bsc#1222881
* bsc#1222883
* bsc#1222888
* bsc#1222894
* bsc#1222901
* bsc#1222968
* bsc#1223012
* bsc#1223014
* bsc#1223016
* bsc#1223024
* bsc#1223030
* bsc#1223033
* bsc#1223034
* bsc#1223035
* bsc#1223036
* bsc#1223037
* bsc#1223041
* bsc#1223042
* bsc#1223051
* bsc#1223052
* bsc#1223056
* bsc#1223057
* bsc#1223058
* bsc#1223060
* bsc#1223061
* bsc#1223065
* bsc#1223066
* bsc#1223067
* bsc#1223068
* bsc#1223076
* bsc#1223078
* bsc#1223111
* bsc#1223115
* bsc#1223118
* bsc#1223187
* bsc#1223189
* bsc#1223190
* bsc#1223191
* bsc#1223196
* bsc#1223197
* bsc#1223198
* bsc#1223275
* bsc#1223323
* bsc#1223369
* bsc#1223380
* bsc#1223473
* bsc#1223474
* bsc#1223475
* bsc#1223477
* bsc#1223478
* bsc#1223479
* bsc#1223481
* bsc#1223482
* bsc#1223484
* bsc#1223487
* bsc#1223490
* bsc#1223496
* bsc#1223498
* bsc#1223499
* bsc#1223501
* bsc#1223502
* bsc#1223503
* bsc#1223505
* bsc#1223509
* bsc#1223511
* bsc#1223512
* bsc#1223513
* bsc#1223516
* bsc#1223517
* bsc#1223518
* bsc#1223519
* bsc#1223520
* bsc#1223522
* bsc#1223523
* bsc#1223525
* bsc#1223536
* bsc#1223539
* bsc#1223574
* bsc#1223595
* bsc#1223598
* bsc#1223634
* bsc#1223640
* bsc#1223643
* bsc#1223644
* bsc#1223645
* bsc#1223646
* bsc#1223648
* bsc#1223655
* bsc#1223657
* bsc#1223660
* bsc#1223661
* bsc#1223663
* bsc#1223664
* bsc#1223668
* bsc#1223686
* bsc#1223693
* bsc#1223705
* bsc#1223714
* bsc#1223735
* bsc#1223745
* bsc#1223784
* bsc#1223785
* bsc#1223790
* bsc#1223816
* bsc#1223821
* bsc#1223822
* bsc#1223824
* bsc#1223827
* bsc#1223834
* bsc#1223875
* bsc#1223876
* bsc#1223877
* bsc#1223878
* bsc#1223879
* bsc#1223894
* bsc#1223921
* bsc#1223922
* bsc#1223923
* bsc#1223924
* bsc#1223929
* bsc#1223931
* bsc#1223932
* bsc#1223934
* bsc#1223941
* bsc#1223948
* bsc#1223949
* bsc#1223950
* bsc#1223951
* bsc#1223952
* bsc#1223953
* bsc#1223956
* bsc#1223957
* bsc#1223960
* bsc#1223962
* bsc#1223963
* bsc#1223964
* jsc#PED-1166
* jsc#PED-1168
* jsc#PED-1170
* jsc#PED-1218
* jsc#PED-1220
* jsc#PED-1222
* jsc#PED-1223
* jsc#PED-1225
* jsc#PED-1565
* jsc#PED-2849
* jsc#PED-376
* jsc#PED-542
* jsc#PED-7167
* jsc#PED-7619
* jsc#SLE-18378
* jsc#SLE-18383
* jsc#SLE-18385
* jsc#SLE-18978
* jsc#SLE-19249
* jsc#SLE-19253

Cross-References:

* CVE-2021-47047
* CVE-2021-47181
* CVE-2021-47182
* CVE-2021-47183
* CVE-2021-47184
* CVE-2021-47185
* CVE-2021-47187
* CVE-2021-47188
* CVE-2021-47189
* CVE-2021-47191
* CVE-2021-47192
* CVE-2021-47193
* CVE-2021-47194
* CVE-2021-47195
* CVE-2021-47196
* CVE-2021-47197
* CVE-2021-47198
* CVE-2021-47199
* CVE-2021-47200
* CVE-2021-47201
* CVE-2021-47202
* CVE-2021-47203
* CVE-2021-47204
* CVE-2021-47205
* CVE-2021-47206
* CVE-2021-47207
* CVE-2021-47209
* CVE-2021-47210
* CVE-2021-47211
* CVE-2021-47212
* CVE-2021-47214
* CVE-2021-47215
* CVE-2021-47216
* CVE-2021-47217
* CVE-2021-47218
* CVE-2021-47219
* CVE-2022-48631
* CVE-2022-48632
* CVE-2022-48634
* CVE-2022-48636
* CVE-2022-48637
* CVE-2022-48638
* CVE-2022-48639
* CVE-2022-48640
* CVE-2022-48642
* CVE-2022-48644
* CVE-2022-48646
* CVE-2022-48647
* CVE-2022-48648
* CVE-2022-48650
* CVE-2022-48651
* CVE-2022-48652
* CVE-2022-48653
* CVE-2022-48654
* CVE-2022-48655
* CVE-2022-48656
* CVE-2022-48657
* CVE-2022-48658
* CVE-2022-48659
* CVE-2022-48660
* CVE-2022-48662
* CVE-2022-48663
* CVE-2022-48667
* CVE-2022-48668
* CVE-2022-48671
* CVE-2022-48672
* CVE-2022-48673
* CVE-2022-48675
* CVE-2022-48686
* CVE-2022-48687
* CVE-2022-48688
* CVE-2022-48690
* CVE-2022-48692
* CVE-2022-48693
* CVE-2022-48694
* CVE-2022-48695
* CVE-2022-48697
* CVE-2022-48698
* CVE-2022-48700
* CVE-2022-48701
* CVE-2022-48702
* CVE-2022-48703
* CVE-2022-48704
* CVE-2023-2860
* CVE-2023-52488
* CVE-2023-52503
* CVE-2023-52561
* CVE-2023-52585
* CVE-2023-52589
* CVE-2023-52590
* CVE-2023-52591
* CVE-2023-52593
* CVE-2023-52614
* CVE-2023-52616
* CVE-2023-52620
* CVE-2023-52627
* CVE-2023-52635
* CVE-2023-52636
* CVE-2023-52645
* CVE-2023-52652
* CVE-2023-6270
* CVE-2024-0639
* CVE-2024-0841
* CVE-2024-22099
* CVE-2024-23307
* CVE-2024-23848
* CVE-2024-23850
* CVE-2024-26601
* CVE-2024-26610
* CVE-2024-26656
* CVE-2024-26660
* CVE-2024-26671
* CVE-2024-26673
* CVE-2024-26675
* CVE-2024-26680
* CVE-2024-26681
* CVE-2024-26684
* CVE-2024-26685
* CVE-2024-26687
* CVE-2024-26688
* CVE-2024-26689
* CVE-2024-26696
* CVE-2024-26697
* CVE-2024-26702
* CVE-2024-26704
* CVE-2024-26718
* CVE-2024-26722
* CVE-2024-26727
* CVE-2024-26733
* CVE-2024-26736
* CVE-2024-26737
* CVE-2024-26739
* CVE-2024-26743
* CVE-2024-26744
* CVE-2024-26745
* CVE-2024-26747
* CVE-2024-26749
* CVE-2024-26751
* CVE-2024-26754
* CVE-2024-26760
* CVE-2024-267600
* CVE-2024-26763
* CVE-2024-26764
* CVE-2024-26766
* CVE-2024-26769
* CVE-2024-26771
* CVE-2024-26772
* CVE-2024-26773
* CVE-2024-26776
* CVE-2024-26779
* CVE-2024-26783
* CVE-2024-26787
* CVE-2024-26790
* CVE-2024-26792
* CVE-2024-26793
* CVE-2024-26798
* CVE-2024-26805
* CVE-2024-26807
* CVE-2024-26816
* CVE-2024-26817
* CVE-2024-26820
* CVE-2024-26825
* CVE-2024-26830
* CVE-2024-26833
* CVE-2024-26836
* CVE-2024-26843
* CVE-2024-26848
* CVE-2024-26852
* CVE-2024-26853
* CVE-2024-26855
* CVE-2024-26856
* CVE-2024-26857
* CVE-2024-26861
* CVE-2024-26862
* CVE-2024-26866
* CVE-2024-26872
* CVE-2024-26875
* CVE-2024-26878
* CVE-2024-26879
* CVE-2024-26881
* CVE-2024-26882
* CVE-2024-26883
* CVE-2024-26884
* CVE-2024-26885
* CVE-2024-26891
* CVE-2024-26893
* CVE-2024-26895
* CVE-2024-26896
* CVE-2024-26897
* CVE-2024-26898
* CVE-2024-26901
* CVE-2024-26903
* CVE-2024-26917
* CVE-2024-26927
* CVE-2024-26948
* CVE-2024-26950
* CVE-2024-26951
* CVE-2024-26955
* CVE-2024-26956
* CVE-2024-26960
* CVE-2024-26965
* CVE-2024-26966
* CVE-2024-26969
* CVE-2024-26970
* CVE-2024-26972
* CVE-2024-26981
* CVE-2024-26982
* CVE-2024-26993
* CVE-2024-27013
* CVE-2024-27014
* CVE-2024-27030
* CVE-2024-27038
* CVE-2024-27039
* CVE-2024-27041
* CVE-2024-27043
* CVE-2024-27046
* CVE-2024-27056
* CVE-2024-27062
* CVE-2024-27389

CVSS scores:

* CVE-2021-47047 ( SUSE ): 5.6 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:H
* CVE-2021-47181 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47182 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47183 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47184 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47185 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47187 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47188 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47189 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47191 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47192 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47193 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47193 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47194 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47194 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2021-47195 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47195 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47196 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47197 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47198 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47198 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2021-47199 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47200 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47201 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47202 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47203 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47204 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47205 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47206 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47207 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47209 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47210 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47211 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47212 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47214 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47215 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47216 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
* CVE-2021-47217 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47218 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47219 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2022-48631 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48632 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48634 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48636 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48637 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48638 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48639 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48640 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48642 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2022-48644 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48646 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48647 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48648 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48650 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48651 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48652 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48653 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2022-48654 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
* CVE-2022-48654 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2022-48655 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2022-48655 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48656 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2022-48657 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2022-48658 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48658 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48659 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48659 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48660 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2022-48660 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48662 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48662 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48663 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48667 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
* CVE-2022-48668 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
* CVE-2022-48671 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48671 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48672 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
* CVE-2022-48672 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48673 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48673 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48675 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48675 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48686 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48686 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48687 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2022-48687 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2022-48688 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48688 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48690 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48692 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48692 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48693 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48693 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48694 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48694 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48695 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48697 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2022-48698 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2022-48700 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2022-48701 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
* CVE-2022-48702 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L
* CVE-2022-48703 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48704 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-2860 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
* CVE-2023-2860 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
* CVE-2023-52488 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52503 ( SUSE ): 4.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L
* CVE-2023-52561 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52585 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52589 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52590 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
* CVE-2023-52591 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2023-52593 ( SUSE ): 5.7 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2023-52614 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
* CVE-2023-52616 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52620 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52627 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52635 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52636 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52645 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52645 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52652 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2023-6270 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-6270 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-0639 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-0639 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-0841 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-0841 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-22099 ( SUSE ): 5.3 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-22099 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-23307 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-23307 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-23848 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
* CVE-2024-23848 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-23850 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-23850 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26601 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26601 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26610 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
* CVE-2024-26656 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26660 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26671 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26673 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26675 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26680 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26681 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26684 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26685 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26687 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26688 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26689 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26696 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26697 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26702 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26704 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26718 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26722 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26727 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26733 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26736 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26737 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26739 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26743 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2024-26744 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26745 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26747 ( SUSE ): 4.3 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26749 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2024-26751 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2024-26754 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26760 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26763 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
* CVE-2024-26764 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2024-26766 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26769 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26771 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26772 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26773 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26776 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26779 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26783 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26787 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26790 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26792 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26793 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26798 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26805 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26807 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26816 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2024-26817 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26820 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26825 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26830 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26833 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26836 ( SUSE ): 4.3 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2024-26843 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26848 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2024-26852 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26853 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26855 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26856 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26857 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26861 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26862 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2024-26866 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26872 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26875 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26878 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26879 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26881 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26881 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26882 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26882 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26883 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26883 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26884 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26884 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26885 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26885 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26891 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26893 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26895 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26896 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26897 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26898 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26898 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26901 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
* CVE-2024-26901 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26903 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26903 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26917 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26927 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26948 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26950 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26951 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26955 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26956 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26960 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26965 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26966 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26969 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26970 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26972 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26981 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26982 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26993 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L
* CVE-2024-27013 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-27013 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-27014 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-27014 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-27030 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H
* CVE-2024-27038 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-27039 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-27041 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-27043 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-27046 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-27056 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-27062 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-27389 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* openSUSE Leap 15.5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Live Patching 15-SP5
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Real Time Module 15-SP5

An update that solves 219 vulnerabilities, contains 20 features and has 45
security fixes can now be installed.

## Description:

The SUSE Linux Enterprise 15 SP5 Real Time kernel was updated to receive various
security bugfixes.

The following security bugs were fixed:

* CVE-2024-27389: Fixed pstore inode handling with d_invalidate()
(bsc#1223705).
* CVE-2024-27062: Fixed nouveau lock inside client object tree (bsc#1223834).
* CVE-2024-27056: Fixed wifi/iwlwifi/mvm to ensure offloading TID queue exists
(bsc#1223822).
* CVE-2024-27046: Fixed nfp/flower handling acti_netdevs allocation failure
(bsc#1223827).
* CVE-2024-27043: Fixed a use-after-free in edia/dvbdev in different places
(bsc#1223824).
* CVE-2024-27041: Fixed drm/amd/display NULL checks for adev->dm.dc in
amdgpu_dm_fini() (bsc#1223714).
* CVE-2024-27039: Fixed clk/hisilicon/hi3559a an erroneous devm_kfree()
(bsc#1223821).
* CVE-2024-27038: Fixed clk_core_get NULL pointer dereference (bsc#1223816).
* CVE-2024-27030: Fixed octeontx2-af to use separate handlers for interrupts
(bsc#1223790).
* CVE-2024-27014: Fixed net/mlx5e to prevent deadlock while disabling aRFS
(bsc#1223735).
* CVE-2024-27013: Fixed tun limit printing rate when illegal packet received
by tun device (bsc#1223745).
* CVE-2024-26993: Fixed fs/sysfs reference leak in
sysfs_break_active_protection() (bsc#1223693).
* CVE-2024-26982: Fixed Squashfs inode number check not to be an invalid value
of zero (bsc#1223634).
* CVE-2024-26970: Fixed clk/qcom/gcc-ipq6018 termination of frequency table
arrays (bsc#1223644).
* CVE-2024-26969: Fixed clk/qcom/gcc-ipq8074 termination of frequency table
arrays (bsc#1223645).
* CVE-2024-26966: Fixed clk/qcom/mmcc-apq8084 termination of frequency table
arrays (bsc#1223646).
* CVE-2024-26965: Fixed clk/qcom/mmcc-msm8974 termination of frequency table
arrays (bsc#1223648).
* CVE-2024-26960: Fixed mm/swap race between free_swap_and_cache() and
swapoff() (bsc#1223655).
* CVE-2024-26951: Fixed wireguard/netlink check for dangling peer via is_dead
instead of empty list (bsc#1223660).
* CVE-2024-26950: Fixed wireguard/netlink to access device through ctx instead
of peer (bsc#1223661).
* CVE-2024-26948: Fixed drm/amd/display by adding dc_state NULL check in
dc_state_release (bsc#1223664).
* CVE-2024-26927: Fixed ASoC/SOF bounds checking to firmware data Smatch
(bsc#1223525).
* CVE-2024-26901: Fixed do_sys_name_to_handle() to use kzalloc() to prevent
kernel-infoleak (bsc#1223198).
* CVE-2024-26896: Fixed wifi/wfx memory leak when starting AP (bsc#1223042).
* CVE-2024-26893: Fixed firmware/arm_scmi for possible double free in SMC
transport cleanup path (bsc#1223196).
* CVE-2024-26885: Fixed bpf DEVMAP_HASH overflow check on 32-bit arches
(bsc#1223190).
* CVE-2024-26884: Fixed bpf hashtab overflow check on 32-bit arches
(bsc#1223189).
* CVE-2024-26883: Fixed bpf stackmap overflow check on 32-bit arches
(bsc#1223035).
* CVE-2024-26882: Fixed net/ip_tunnel to make sure to pull inner header in
ip_tunnel_rcv() (bsc#1223034).
* CVE-2024-26881: Fixed net/hns3 kernel crash when 1588 is received on HIP08
devices (bsc#1223041).
* CVE-2024-26879: Fixed clk/meson by adding missing clocks to axg_clk_regmaps
(bsc#1223066).
* CVE-2024-26878: Fixed quota for potential NULL pointer dereference
(bsc#1223060).
* CVE-2024-26866: Fixed spi/spi-fsl-lpspi by removing redundant
spi_controller_put call (bsc#1223024).
* CVE-2024-26862: Fixed packet annotate data-races around ignore_outgoing
(bsc#1223111).
* CVE-2024-26861: Fixed wireguard/receive annotate data-race around
receiving_counter.counter (bsc#1223076).
* CVE-2024-26857: Fixed geneve to make sure to pull inner header in
geneve_rx() (bsc#1223058).
* CVE-2024-26856: Fixed use-after-free inside sparx5_del_mact_entry
(bsc#1223052).
* CVE-2024-26855: Fixed net/ice potential NULL pointer dereference in
ice_bridge_setlink() (bsc#1223051).
* CVE-2024-26853: Fixed igc returning frame twice in XDP_REDIRECT
(bsc#1223061).
* CVE-2024-26852: Fixed net/ipv6 to avoid possible UAF in
ip6_route_mpath_notify() (bsc#1223057).
* CVE-2024-26848: Fixed afs endless loop in directory parsing (bsc#1223030).
* CVE-2024-26836: Fixed platform/x86/think-lmi password opcode ordering for
workstations (bsc#1222968).
* CVE-2024-26830: Fixed i40e to not allow untrusted VF to remove
administratively set MAC (bsc#1223012).
* CVE-2024-26817: Fixed amdkfd to use calloc instead of kzalloc to avoid
integer overflow (bsc#1222812).
* CVE-2024-26816: Fixed relocations in .notes section when building with
CONFIG_XEN_PV=y by ignoring them (bsc#1222624).
* CVE-2024-26807: Fixed spi/cadence-qspi NULL pointer reference in runtime PM
hooks (bsc#1222801).
* CVE-2024-26805: Fixed a kernel-infoleak-after-free in __skb_datagram_iter in
netlink (bsc#1222630).
* CVE-2024-26793: Fixed an use-after-free and null-ptr-deref in gtp_newlink()
in gtp (bsc#1222428).
* CVE-2024-26783: Fixed mm/vmscan bug when calling wakeup_kswapd() with a
wrong zone index (bsc#1222615).
* CVE-2024-26779: Fixed a race condition on enabling fast-xmit in mac80211
(bsc#1222772).
* CVE-2024-26773: Fixed ext4 block allocation from corrupted group in
ext4_mb_try_best_found() (bsc#1222618).
* CVE-2024-26772: Fixed ext4 to avoid allocating blocks from corrupted group
in ext4_mb_find_by_goal() (bsc#1222613).
* CVE-2024-26771: Fixed a null pointer dereference on edma_probe in dmaengine
ti edma (bsc#1222610)
* CVE-2024-26766: Fixed SDMA off-by-one error in _pad_sdma_tx_descs()
(bsc#1222726).
* CVE-2024-26764: Fixed IOCB_AIO_RW check in fs/aio before the struct
aio_kiocb conversion (bsc#1222721).
* CVE-2024-26763: Fixed user corruption via by writing data with O_DIRECT on
device in dm-crypt (bsc#1222720).
* CVE-2024-26760: Fixed scsi/target/pscsi bio_put() for error case
(bsc#1222596).
* CVE-2024-267600: Fixed scsi/target/pscsi error case in bio_put()
(bsc#1222596).
* CVE-2024-26754: Fixed an use-after-free and null-ptr-deref in
gtp_genl_dump_pdp() in gtp (bsc#1222632).
* CVE-2024-26751: Fixed ARM/ep93xx terminator to gpiod_lookup_table
(bsc#1222724).
* CVE-2024-26747: Fixed a NULL pointer issue with USB parent module's
reference (bsc#1222609).
* CVE-2024-26744: Fixed null pointer dereference in srpt_service_guid
parameter in rdma/srpt (bsc#1222449).
* CVE-2024-26743: Fixed memory leak in qedr_create_user_qp error flow in
rdma/qedr (bsc#1222677).
* CVE-2024-26737: Fixed selftests/bpf racing between bpf_timer_cancel_and_free
and bpf_timer_cancel (bsc#1222557).
* CVE-2024-26733: Fixed an overflow in arp_req_get() in arp (bsc#1222585).
* CVE-2024-26727: Fixed assertion if a newly created btrfs subvolume already
gets read (bsc#1222536).
* CVE-2024-26718: Fixed dm-crypt/dm-verity disable tasklets (bsc#1222416).
* CVE-2024-26704: Fixed a double-free of blocks due to wrong extents moved_len
in ext4 (bsc#1222422).
* CVE-2024-26696: Fixed nilfs2 hang in nilfs_lookup_dirty_data_buffers()
(bsc#1222549).
* CVE-2024-26689: Fixed a use-after-free in encode_cap_msg() (bsc#1222503).
* CVE-2024-26687: Fixed xen/events close evtchn after mapping cleanup
(bsc#1222435).
* CVE-2024-26685: Fixed nilfs2 potential bug in end_buffer_async_write
(bsc#1222437).
* CVE-2024-26684: Fixed net/stmmac/xgmac handling of DPP safety error for DMA
channels (bsc#1222445).
* CVE-2024-26681: Fixed netdevsim to avoid potential loop in
nsim_dev_trap_report_work() (bsc#1222431).
* CVE-2024-26680: Fixed net/atlantic DMA mapping for PTP hwts ring
(bsc#1222427).
* CVE-2024-26675: Fixed ppp_async to limit MRU to 64K (bsc#1222379).
* CVE-2024-26673: Fixed netfilter/nft_ct layer 3 and 4 protocol sanitization
(bsc#1222368).
* CVE-2024-26671: Fixed blk-mq IO hang from sbitmap wakeup race (bsc#1222357).
* CVE-2024-26660: Fixed drm/amd/display bounds check for stream encoder
creation (bsc#1222266).
* CVE-2024-26656: Fixed drm/amdgpu use-after-free bug (bsc#1222307).
* CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi (bsc#1221299).
* CVE-2024-26601: Fixed ext4 buddy bitmap corruption via fast commit replay
(bsc#1220342).
* CVE-2024-23850: Fixed double free of anonymous device after snapshot
creation failure (bsc#1219126).
* CVE-2024-23848: Fixed media/cec for possible use-after-free in
cec_queue_msg_fh (bsc#1219104).
* CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86
and ARM md, raid, raid5 modules (bsc#1219169).
* CVE-2024-22099: Fixed a null-pointer-dereference in rfcomm_check_security
(bsc#1219170).
* CVE-2024-0841: Fixed a null pointer dereference in the hugetlbfs_fill_super
function in hugetlbfs (HugeTLB pages) functionality (bsc#1219264).
* CVE-2024-0639: Fixed a denial-of-service vulnerability due to a deadlock
found in sctp_auto_asconf_init in net/sctp/socket.c (bsc#1218917).
* CVE-2023-6270: Fixed a use-after-free issue in aoecmd_cfg_pkts
(bsc#1218562).
* CVE-2023-52652: Fixed NTB for possible name leak in ntb_register_device()
(bsc#1223686).
* CVE-2023-52645: Fixed pmdomain/mediatek race conditions with genpd
(bsc#1223033).
* CVE-2023-52636: Fixed libceph cursor init when preparing sparse read in
msgr2 (bsc#1222247).
* CVE-2023-52635: Fixed PM/devfreq to synchronize devfreq_monitor_[start/stop]
(bsc#1222294).
* CVE-2023-52627: Fixed iio:adc:ad7091r exports into IIO_AD7091R namespace
(bsc#1222051).
* CVE-2023-52620: Fixed netfilter/nf_tables to disallow timeout for anonymous
sets never used from userspace (bsc#1221825).
* CVE-2023-52616: Fixed unexpected pointer access in crypto/lib/mpi in
mpi_ec_init (bsc#1221612).
* CVE-2023-52614: Fixed PM/devfreq buffer overflow in trans_stat_show
(bsc#1221617).
* CVE-2023-52593: Fixed wifi/wfx possible NULL pointer dereference in
wfx_set_mfp_ap() (bsc#1221042).
* CVE-2023-52591: Fixed a possible reiserfs filesystem corruption via
directory renaming (bsc#1221044).
* CVE-2023-52590: Fixed a possible ocfs2 filesystem corruption via directory
renaming (bsc#1221088).
* CVE-2023-52589: Fixed media/rkisp1 IRQ disable race issue (bsc#1221084).
* CVE-2023-52585: Fixed drm/amdgpu for possible NULL pointer dereference in
amdgpu_ras_query_error_status_helper() (bsc#1221080).
* CVE-2023-52561: Fixed arm64/dts/qcom/sdm845-db845c to mark cont splash
memory region (bsc#1220935).
* CVE-2023-52503: Fixed tee/amdtee use-after-free vulnerability in
amdtee_close_session (bsc#1220915).
* CVE-2023-52488: Fixed serial/sc16is7xx convert from _raw_ to _noinc_ regmap
functions for FIFO (bsc#1221162).
* CVE-2022-48701: Fixed an out-of-bounds bug in
__snd_usb_parse_audio_interface() (bsc#1223921).
* CVE-2022-48662: Fixed a general protection fault (GPF) in
i915_perf_open_ioctl (bsc#1223505).
* CVE-2022-48659: Fixed mm/slub to return errno if kmalloc() fails
(bsc#1223498).
* CVE-2022-48658: Fixed mm/slub to avoid a problem in
flush_cpu_slab()/__free_slab() task context (bsc#1223496).
* CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset
skb->mac_header (bsc#1223513).
* CVE-2022-48642: Fixed netfilter/nf_tables percpu memory leak at
nf_tables_addchain() (bsc#1223478).
* CVE-2022-48640: Fixed bonding for possible NULL pointer dereference in
bond_rr_gen_slave_id (bsc#1223499).
* CVE-2022-48631: Fixed a bug in ext4, when parsing extents where eh_entries
== 0 and eh_depth > 0 (bsc#1223475).
* CVE-2021-47214: Fixed hugetlb/userfaultfd during restore reservation in
hugetlb_mcopy_atomic_pte() (bsc#1222710).
* CVE-2021-47211: Fixed a null pointer dereference on pointer cs_desc in usb-
audio (bsc#1222869).
* CVE-2021-47207: Fixed a null pointer dereference on pointer block in gus
(bsc#1222790).
* CVE-2021-47205: Unregistered clocks/resets when unbinding in sunxi-ng
(bsc#1222888).
* CVE-2021-47202: Fixed NULL pointer dereferences in of_thermal_ functions
(bsc#1222878)
* CVE-2021-47200: Fixed drm/prime for possible use-after-free in mmap within
drm_gem_ttm_mmap() and drm_gem_ttm_mmap() (bsc#1222838).
* CVE-2021-47195: Fixed use-after-free inside SPI via add_lock mutex
(bsc#1222832).
* CVE-2021-47189: Fixed denial of service due to memory ordering issues
between normal and ordered work functions in btrfs (bsc#1222706).
* CVE-2021-47185: Fixed a softlockup issue in flush_to_ldisc in tty tty_buffer
(bsc#1222669).
* CVE-2021-47184: Fixed NULL pointer dereference on VSI filter sync
(bsc#1222666).
* CVE-2021-47183: Fixed a null pointer dereference during link down processing
in scsi lpfc (bsc#1192145, bsc#1222664).
* CVE-2021-47182: Fixed scsi_mode_sense() buffer length handling
(bsc#1222662).
* CVE-2021-47181: Fixed a null pointer dereference caused by calling
platform_get_resource() (bsc#1222660).

The following non-security bugs were fixed:

* ALSA: firewire-lib: handle quirk to calculate payload quadlets as data block
counter (stable-fixes).
* ALSA: hda/realtek - Enable audio jacks of Haier Boyue G42 with ALC269VC
(stable-fixes).
* ALSA: hda/realtek - Fix inactive headset mic jack (stable-fixes).
* ALSA: hda/realtek: Add quirk for HP SnowWhite laptops (stable-fixes).
* ALSA: hda/realtek: Fix mute led of HP Laptop 15-da3001TU (stable-fixes).
* ALSA: hda: intel-sdw-acpi: fix usage of device_get_named_child_node() (git-
fixes).
* ALSA: scarlett2: Add Focusrite Clarett 2Pre and 4Pre USB support (stable-
fixes).
* ALSA: scarlett2: Add Focusrite Clarett+ 2Pre and 4Pre support (stable-
fixes).
* ALSA: scarlett2: Add correct product series name to messages (stable-fixes).
* ALSA: scarlett2: Add support for Clarett 8Pre USB (stable-fixes).
* ALSA: scarlett2: Default mixer driver to enabled (stable-fixes).
* ALSA: scarlett2: Move USB IDs out from device_info struct (stable-fixes).
* ASoC: meson: axg-card: make links nonatomic (git-fixes).
* ASoC: meson: axg-tdm-interface: manage formatters in trigger (git-fixes).
* ASoC: meson: cards: select SND_DYNAMIC_MINORS (git-fixes).
* ASoC: soc-core.c: Skip dummy codec when adding platforms (stable-fixes).
* ASoC: tegra: Fix DSPK 16-bit playback (git-fixes).
* ASoC: ti: davinci-mcasp: Fix race condition during probe (git-fixes).
* Bluetooth: Add new quirk for broken read key length on ATS2851 (git-fixes).
* Bluetooth: Fix TOCTOU in HCI debugfs implementation (git-fixes).
* Bluetooth: Fix memory leak in hci_req_sync_complete() (git-fixes).
* Bluetooth: Fix type of len in {l2cap,sco}_sock_getsockopt_old() (stable-
fixes).
* Bluetooth: L2CAP: Fix not validating setsockopt user input (git-fixes).
* Bluetooth: RFCOMM: Fix not validating setsockopt user input (git-fixes).
* Bluetooth: SCO: Fix not validating setsockopt user input (git-fixes).
* Bluetooth: add quirk for broken address properties (git-fixes).
* Bluetooth: btintel: Fix null ptr deref in btintel_read_version (stable-
fixes).
* Bluetooth: btintel: Fixe build regression (git-fixes).
* Bluetooth: btusb: Add Realtek RTL8852BE support ID 0x0bda:0x4853 (stable-
fixes).
* Bluetooth: hci_event: Fix sending HCI_OP_READ_ENC_KEY_SIZE (git-fixes).
* Bluetooth: hci_event: set the conn encrypted before conn establishes
(stable-fixes).
* Bluetooth: hci_sock: Fix not validating setsockopt user input (git-fixes).
* Bluetooth: qca: fix NULL-deref on non-serdev suspend (git-fixes).
* Documentation: Add missing documentation for EXPORT_OP flags (stable-fixes).
* HID: intel-ish-hid: ipc: Fix dev_err usage with uninitialized dev->devc
(git-fixes).
* HID: logitech-dj: allow mice to use all types of reports (git-fixes).
* HID: uhid: Use READ_ONCE()/WRITE_ONCE() for ->running (stable-fixes).
* Input: allocate keycode for Display refresh rate toggle (stable-fixes).
* Input: synaptics-rmi4 - fail probing if memory allocation for "phys" fails
(stable-fixes).
* NFC: trf7970a: disable all regulators on removal (git-fixes).
* NFS: avoid spurious warning of lost lock that is being unlocked
(bsc#1221791).
* PCI/AER: Block runtime suspend when handling errors (git-fixes).
* PCI/DPC: Quirk PIO log size for Intel Ice Lake Root Ports (git-fixes).
* PCI/DPC: Quirk PIO log size for Intel Raptor Lake Root Ports (git-fixes).
* PCI/DPC: Quirk PIO log size for certain Intel Root Ports (git-fixes).
* PCI/PM: Drain runtime-idle callbacks before driver removal (git-fixes).
* PCI: Drop pci_device_remove() test of pci_dev->driver (git-fixes).
* PCI: rpaphp: Error out on busy status from get-sensor-state (bsc#1223369
ltc#205888).
* RAS: Avoid build errors when CONFIG_DEBUG_FS=n (jsc#PED-7619).
* RDMA/cm: Print the old state when cm_destroy_id gets timeout (git-fixes).
* RDMA/cm: add timeout to cm_destroy_id wait (git-fixes)
* README.BRANCH: Correct email address for Petr Tesarik
* README.BRANCH: Remove copy of branch name
* Reapply "drm/qxl: simplify qxl_fence_wait" (stable-fixes).
* Revert "ACPI: PM: Block ASUS B1400CEAE from suspend to idle by default"
(stable-fixes).
* Revert "drm/qxl: simplify qxl_fence_wait" (git-fixes).
* Revert "ice: Fix ice VF reset during iavf initialization (jsc#PED-376)."
(bsc#1223275)
* Revert "usb: cdc-wdm: close race between read and workqueue" (git-fixes).
* Revert "usb: phy: generic: Get the vbus supply" (git-fixes).
* USB: UAS: return ENODEV when submit urbs fail with device not attached
(stable-fixes).
* USB: serial: add device ID for VeriFone adapter (stable-fixes).
* USB: serial: cp210x: add ID for MGP Instruments PDS100 (stable-fixes).
* USB: serial: cp210x: add pid/vid for TDK NC0110013M and MM0110113M (stable-
fixes).
* USB: serial: ftdi_sio: add support for GMC Z216C Adapter IR-USB (stable-
fixes).
* USB: serial: option: add Fibocom FM135-GL variants (stable-fixes).
* USB: serial: option: add Lonsung U8300/U9300 product (stable-fixes).
* USB: serial: option: add MeiG Smart SLM320 product (stable-fixes).
* USB: serial: option: add Rolling RW101-GL and RW135-GL support (stable-
fixes).
* USB: serial: option: add Telit FN920C04 rmnet compositions (stable-fixes).
* USB: serial: option: add support for Fibocom FM650/FG650 (stable-fixes).
* USB: serial: option: support Quectel EM060K sub-models (stable-fixes).
* ahci: asm1064: asm1166: do not limit reported ports (git-fixes).
* ahci: asm1064: correct count of reported ports (stable-fixes).
* arm64: dts: imx8-ss-conn: fix usdhc wrong lpcg clock order (git-fixes)
* arm64: dts: rockchip: Remove unsupported node from the Pinebook Pro (git-
fixes)
* arm64: dts: rockchip: enable internal pull-up for Q7_THRM# on RK3399 (git-
fixes)
* arm64: dts: rockchip: enable internal pull-up on PCIE_WAKE# for (git-fixes)
* arm64: dts: rockchip: enable internal pull-up on Q7_USB_ID for RK3399 (git-
fixes)
* arm64: dts: rockchip: fix rk3328 hdmi ports node (git-fixes)
* arm64: dts: rockchip: fix rk3399 hdmi ports node (git-fixes)
* arm64: hibernate: Fix level3 translation fault in swsusp_save() (git-fixes).
* ax25: fix use-after-free bugs caused by ax25_ds_del_timer (git-fixes).
* batman-adv: Avoid infinite loop trying to resize local TT (git-fixes).
* bcache: Fix __bch_btree_node_alloc to make the failure behavior consistent
(git-fixes).
* bcache: Remove dead references to cache_readaheads (git-fixes).
* bcache: Remove unnecessary NULL point check in node allocations (git-fixes).
* bcache: add code comments for bch_btree_node_get() and
__bch_btree_node_alloc() (git-fixes).
* bcache: avoid NULL checking to c->root in run_cache_set() (git-fixes).
* bcache: avoid oversize memory allocation by small stripe_size (git-fixes).
* bcache: bset: Fix comment typos (git-fixes).
* bcache: check return value from btree_node_alloc_replacement() (git-fixes).
* bcache: fix NULL pointer reference in cached_dev_detach_finish (git-fixes).
* bcache: fix error info in register_bcache() (git-fixes).
* bcache: fixup bcache_dev_sectors_dirty_add() multithreaded CPU false sharing
(git-fixes).
* bcache: fixup btree_cache_wait list damage (git-fixes).
* bcache: fixup init dirty data errors (git-fixes).
* bcache: fixup lock c->root error (git-fixes).
* bcache: fixup multi-threaded bch_sectors_dirty_init() wake-up race (git-
fixes).
* bcache: move calc_cached_dev_sectors to proper place on backing device
detach (git-fixes).
* bcache: move uapi header bcache.h to bcache code directory (git-fixes).
* bcache: prevent potential division by zero error (git-fixes).
* bcache: remove EXPERIMENTAL for Kconfig option 'Asynchronous device
registration' (git-fixes).
* bcache: remove redundant assignment to variable cur_idx (git-fixes).
* bcache: remove the backing_dev_name field from struct cached_dev (git-
fixes).
* bcache: remove the cache_dev_name field from struct cache (git-fixes).
* bcache: remove unnecessary flush_workqueue (git-fixes).
* bcache: remove unused bch_mark_cache_readahead function def in stats.h (git-
fixes).
* bcache: replace a mistaken IS_ERR() by IS_ERR_OR_NULL() in
btree_gc_coalesce() (git-fixes).
* bcache: replace snprintf in show functions with sysfs_emit (git-fixes).
* bcache: revert replacing IS_ERR_OR_NULL with IS_ERR (git-fixes).
* bcache: use bvec_kmap_local in bch_data_verify (git-fixes).
* bcache: use bvec_kmap_local in bio_csum (git-fixes).
* bcache: use default_groups in kobj_type (git-fixes).
* bcache:: fix repeated words in comments (git-fixes).
* ceph: stop copying to iter at EOF on sync reads (bsc#1223068).
* ceph: switch to corrected encoding of max_xattr_size in mdsmap
(bsc#1223067).
* clk: Get runtime PM before walking tree during disable_unused (git-fixes).
* clk: Initialize struct clk_core kref earlier (stable-fixes).
* clk: Mark 'all_lists' as const (stable-fixes).
* clk: Print an info line before disabling unused clocks (stable-fixes).
* clk: Remove prepare_lock hold assertion in __clk_release() (git-fixes).
* clk: remove extra empty line (stable-fixes).
* comedi: vmk80xx: fix incomplete endpoint checking (git-fixes).
* dm cache policy smq: ensure IO does not prevent cleaner policy progress
(git-fixes).
* dm cache: add cond_resched() to various workqueue loops (git-fixes).
* dm clone: call kmem_cache_destroy() in dm_clone_init() error path (git-
fixes).
* dm crypt: add cond_resched() to dmcrypt_write() (git-fixes).
* dm crypt: avoid accessing uninitialized tasklet (git-fixes).
* dm flakey: do not corrupt the zero page (git-fixes).
* dm flakey: fix a bug with 32-bit highmem systems (git-fixes).
* dm flakey: fix a crash with invalid table line (git-fixes).
* dm flakey: fix logic when corrupting a bio (git-fixes).
* dm init: add dm-mod.waitfor to wait for asynchronously probed block devices
(git-fixes).
* dm integrity: call kmem_cache_destroy() in dm_integrity_init() error path
(git-fixes).
* dm integrity: fix out-of-range warning (git-fixes).
* dm integrity: reduce vmalloc space footprint on 32-bit architectures (git-
fixes).
* dm raid: clean up four equivalent goto tags in raid_ctr() (git-fixes).
* dm raid: fix false positive for requeue needed during reshape (git-fixes).
* dm raid: fix missing reconfig_mutex unlock in raid_ctr() error paths (git-
fixes).
* dm stats: check for and propagate alloc_percpu failure (git-fixes).
* dm thin metadata: Fix ABBA deadlock by resetting dm_bufio_client (git-
fixes).
* dm thin metadata: check fail_io before using data_sm (git-fixes).
* dm thin: add cond_resched() to various workqueue loops (git-fixes).
* dm thin: fix deadlock when swapping to thin device (bsc#1177529).
* dm verity: do not perform FEC for failed readahead IO (git-fixes).
* dm verity: fix error handling for check_at_most_once on FEC (git-fixes).
* dm zoned: free dmz->ddev array in dmz_put_zoned_devices (git-fixes).
* dm-delay: fix a race between delay_presuspend and delay_bio (git-fixes).
* dm-integrity: do not modify bio's immutable bio_vec in integrity_metadata()
(git-fixes).
* dm-raid: fix lockdep waring in "pers->hot_add_disk" (git-fixes).
* dm-verity, dm-crypt: align "struct bvec_iter" correctly (git-fixes).
* dm-verity: align struct dm_verity_fec_io properly (git-fixes).
* dm: add cond_resched() to dm_wq_work() (git-fixes).
* dm: call the resume method on internal suspend (git-fixes).
* dm: do not lock fs when the map is NULL during suspend or resume (git-
fixes).
* dm: do not lock fs when the map is NULL in process of resume (git-fixes).
* dm: remove flush_scheduled_work() during local_exit() (git-fixes).
* dm: send just one event on resize, not two (git-fixes).
* dma: xilinx_dpdma: Fix locking (git-fixes).
* dmaengine: idxd: Fix oops during rmmod on single-CPU platforms (git-fixes).
* dmaengine: owl: fix register access functions (git-fixes).
* dmaengine: tegra186: Fix residual calculation (git-fixes).
* docs: Document the FAN_FS_ERROR event (stable-fixes).
* drm-print: add drm_dbg_driver to improve namespace symmetry (stable-fixes).
* drm/amd/display: Do not recursively call manual trigger programming (stable-
fixes).
* drm/amd/display: Fix nanosec stat overflow (stable-fixes).
* drm/amd/display: fix disable otg wa logic in DCN316 (stable-fixes).
* drm/amd/pm: fixes a random hang in S4 for SMU v13.0.4/11 (stable-fixes).
* drm/amdgpu/sdma5.2: use legacy HDP flush for SDMA2/3 (stable-fixes).
* drm/amdgpu: Fix leak when GPU memory allocation fails (stable-fixes).
* drm/amdgpu: Reset dGPU if suspend got aborted (stable-fixes).
* drm/amdgpu: always force full reset for SOC21 (stable-fixes).
* drm/amdgpu: fix incorrect active rb bitmap for gfx11 (stable-fixes).
* drm/amdgpu: fix incorrect number of active RBs for gfx11 (stable-fixes).
* drm/amdgpu: once more fix the call oder in amdgpu_ttm_move() v2 (git-fixes).
* drm/amdgpu: validate the parameters of bo mapping operations more clearly
(git-fixes).
* drm/amdkfd: Reset GPU on queue preemption failure (stable-fixes).
* drm/ast: Fix soft lockup (git-fixes).
* drm/client: Fully protect modes[] with dev->mode_config.mutex (stable-
fixes).
* drm/i915/cdclk: Fix CDCLK programming order when pipes are active (git-
fixes).
* drm/i915/vrr: Disable VRR when using bigjoiner (stable-fixes).
* drm/i915: Disable port sync when bigjoiner is used (stable-fixes).
* drm/msm/dp: fix typo in dp_display_handle_port_status_changed() (git-fixes).
* drm/nouveau/nvkm: add a replacement for nvkm_notify (bsc#1223834)
* drm/panel: ili9341: Respect deferred probe (git-fixes).
* drm/panel: ili9341: Use predefined error codes (git-fixes).
* drm/panel: visionox-rm69299: do not unregister DSI device (git-fixes).
* drm/vc4: do not check if plane->state->fb == state->fb (stable-fixes).
* drm/vmwgfx: Enable DMA mappings with SEV (git-fixes).
* drm/vmwgfx: Fix crtc's atomic check conditional (git-fixes).
* drm/vmwgfx: Fix invalid reads in fence signaled events (git-fixes).
* drm/vmwgfx: Sort primary plane formats by order of preference (git-fixes).
* drm: nv04: Fix out of bounds access (git-fixes).
* drm: panel-orientation-quirks: Add quirk for GPD Win Mini (stable-fixes).
* drm: panel-orientation-quirks: Add quirk for Lenovo Legion Go (stable-
fixes).
* dump_stack: Do not get cpu_sync for panic CPU (bsc#1223574).
* fbdev: fix incorrect address computation in deferred IO (git-fixes).
* fbdev: viafb: fix typo in hw_bitblt_1 and hw_bitblt_2 (stable-fixes).
* fbmon: prevent division by zero in fb_videomode_from_videomode() (stable-
fixes).
* fix build warning
* fuse: do not unhash root (bsc#1223951).
* fuse: fix root lookup with nonzero generation (bsc#1223950).
* hwmon: (amc6821) add of_match table (stable-fixes).
* i2c: pxa: hide unused icr_bits[] variable (git-fixes).
* i2c: smbus: fix NULL function pointer dereference (git-fixes).
* i40e: Fix VF MAC filter removal (git-fixes).
* idma64: Do not try to serve interrupts when device is powered off (git-
fixes).
* iio: accel: mxc4005: Interrupt handling fixes (git-fixes).
* iio:imu: adis16475: Fix sync mode setting (git-fixes).
* init/main.c: Fix potential static_command_line memory overflow (git-fixes).
* iommu/amd: Add a length limitation for the ivrs_acpihid command-line
parameter (git-fixes).
* iommu/amd: Do not block updates to GATag if guest mode is on (git-fixes).
* iommu/amd: Fix "Guest Virtual APIC Table Root Pointer" configuration in IRTE
(git-fixes).
* iommu/amd: Fix domain flush size when syncing iotlb (git-fixes).
* iommu/amd: Fix error handling for pdev_pri_ats_enable() (git-fixes).
* iommu/arm-smmu-qcom: Limit the SMR groups to 128 (git-fixes).
* iommu/arm-smmu-v3: Acknowledge pri/event queue overflow if any (git-fixes).
* iommu/arm-smmu-v3: Work around MMU-600 erratum 1076982 (git-fixes).
* iommu/fsl: fix all kernel-doc warnings in fsl_pamu.c (git-fixes).
* iommu/iova: Fix alloc iova overflows issue (git-fixes).
* iommu/mediatek: Flush IOTLB completely only if domain has been attached
(git-fixes).
* iommu/rockchip: Fix unwind goto issue (git-fixes).
* iommu/sprd: Release dma buffer to avoid memory leak (git-fixes).
* iommu/vt-d: Allocate local memory for page request queue (git-fixes).
* iommu/vt-d: Allow zero SAGAW if second-stage not supported (git-fixes).
* iommu/vt-d: Fix error handling in sva enable/disable paths (git-fixes).
* iommu: Fix error unwind in iommu_group_alloc() (git-fixes).
* ipv6/addrconf: fix a potential refcount underflow for idev (git-fixes).
* kABI: Adjust trace_iterator.wait_index (git-fixes).
* kprobes: Fix double free of kretprobe_holder (bsc#1220901).
* kprobes: Fix possible use-after-free issue on kprobe registration (git-
fixes).
* libnvdimm/of_pmem: Use devm_kstrdup instead of kstrdup and check its return
value (git-fixes).
* libnvdimm/region: Allow setting align attribute on regions without mappings
(git-fixes).
* livepatch: Fix missing newline character in klp_resolve_symbols()
(bsc#1223539).
* md/raid1: fix choose next idle in read_balance() (git-fixes).
* md: Do not clear MD_CLOSING when the raid is about to stop (git-fixes).
* md: do not clear MD_RECOVERY_FROZEN for new dm-raid until resume (git-
fixes).
* media: cec: core: remove length check of Timer Status (stable-fixes).
* media: sta2x11: fix irq handler cast (stable-fixes).
* mei: me: add arrow lake point H DID (stable-fixes).
* mei: me: add arrow lake point S DID (stable-fixes).
* mei: me: disable RPL-S on SPS and IGN firmwares (git-fixes).
* mm/vmscan: make sure wakeup_kswapd with managed zone (bsc#1223473).
* mmc: sdhci-msm: pervent access to suspended controller (git-fixes).
* mtd: diskonchip: work around ubsan link failure (stable-fixes).
* nd_btt: Make BTT lanes preemptible (git-fixes).
* net: bridge: vlan: fix memory leak in __allowed_ingress (git-fixes).
* net: fix a memleak when uncloning an skb dst and its metadata (git-fixes).
* net: fix skb leak in __skb_tstamp_tx() (git-fixes).
* net: ipv6: ensure we call ipv6_mc_down() at most once (git-fixes).
* net: mld: fix reference count leak in mld_{query | report}_work() (git-
fixes).
* net: stream: purge sk_error_queue in sk_stream_kill_queues() (git-fixes).
* net: usb: ax88179_178a: avoid the interface always configured as random
address (git-fixes).
* net: usb: ax88179_178a: avoid writing the mac address before first reading
(git-fixes).
* net: usb: ax88179_178a: stop lying about skb->truesize (git-fixes).
* net: vlan: fix underflow for the real_dev refcnt (git-fixes).
* netfilter: br_netfilter: Drop dst references before setting (git-fixes).
* netfilter: ipt_CLUSTERIP: fix refcount leak in clusterip_tg_check() (git-
fixes).
* netfilter: nft_ct: fix l3num expectations with inet pseudo family (git-
fixes).
* nfsd: Fixed mount issue with KOTD (bsc#1223380 bsc#1217408 bsc#1223640).
* nfsd: use __fput_sync() to avoid delayed closing of files (bsc#1223380
bsc#1217408).
* nilfs2: fix OOB in nilfs_set_de_type (git-fixes).
* nilfs2: fix OOB in nilfs_set_de_type (git-fixes).
* nouveau: fix function cast warning (git-fixes).
* nouveau: fix instmem race condition around ptr stores (git-fixes).
* nvdimm/namespace: drop nested variable in create_namespace_pmem() (git-
fixes).
* nvdimm: Allow overwrite in the presence of disabled dimms (git-fixes).
* nvdimm: Fix badblocks clear off-by-one error (git-fixes).
* nvdimm: Fix dereference after free in register_nvdimm_pmu() (git-fixes).
* nvdimm: Fix firmware activation deadlock scenarios (git-fixes).
* nvdimm: Fix memleak of pmu attr_groups in unregister_nvdimm_pmu() (git-
fixes).
* pci_iounmap(): Fix MMIO mapping leak (git-fixes).
* phy: tegra: xusb: Add API to retrieve the port number of phy (stable-fixes).
* pinctrl: renesas: checker: Limit cfg reg enum checks to provided IDs
(stable-fixes).
* platform/x86: intel-vbtn: Update tablet mode switch at end of probe (git-
fixes).
* platform/x86: touchscreen_dmi: Add an extra entry for a variant of the Chuwi
Vi8 tablet (stable-fixes).
* powerpc/kasan: Do not instrument non-maskable or raw interrupts
(bsc#1223191).
* powerpc/pseries/iommu: LPAR panics when rebooted with a frozen PE
(bsc#1222011 ltc#205900).
* powerpc/rtas: define pr_fmt and convert printk call sites (bsc#1223369
ltc#205888).
* powerpc/rtas: export rtas_error_rc() for reuse (bsc#1223369 ltc#205888).
* powerpc: Avoid nmi_enter/nmi_exit in real mode interrupt (bsc#1221645
ltc#205739 bsc#1223191).
* powerpc: Refactor verification of MSR_RI (bsc#1223191).
* printk: Add this_cpu_in_panic() (bsc#1223574).
* printk: Adjust mapping for 32bit seq macros (bsc#1223574).
* printk: Avoid non-panic CPUs writing to ringbuffer (bsc#1223574).
* printk: Disable passing console lock owner completely during panic()
(bsc#1223574).
* printk: Drop console_sem during panic (bsc#1223574).
* printk: Rename abandon_console_lock_in_panic() to other_cpu_in_panic()
(bsc#1223574).
* printk: Use prb_first_seq() as base for 32bit seq macros (bsc#1223574).
* printk: Wait for all reserved records with pr_flush() (bsc#1223574).
* printk: nbcon: Relocate 32bit seq macros (bsc#1223574).
* printk: ringbuffer: Clarify special lpos values (bsc#1223574).
* printk: ringbuffer: Cleanup reader terminology (bsc#1223574).
* printk: ringbuffer: Do not skip non-finalized records with prb_next_seq()
(bsc#1223574).
* printk: ringbuffer: Improve prb_next_seq() performance (bsc#1223574).
* printk: ringbuffer: Skip non-finalized records in panic (bsc#1223574).
* pstore/zone: Add a null pointer check to the psz_kmsg_read (stable-fixes).
* ring-buffer: Do not set shortest_full when full target is hit (git-fixes).
* ring-buffer: Fix full_waiters_pending in poll (git-fixes).
* ring-buffer: Fix resetting of shortest_full (git-fixes).
* ring-buffer: Fix waking up ring buffer readers (git-fixes).
* ring-buffer: Make wake once of ring_buffer_wait() more robust (git-fixes).
* ring-buffer: Use wait_event_interruptible() in ring_buffer_wait() (git-
fixes).
* ring-buffer: use READ_ONCE() to read cpu_buffer->commit_page in concurrent
environment (git-fixes).
* s390/cio: Ensure the copied buf is NUL terminated (git-fixes bsc#1223875).
* s390/decompressor: fix misaligned symbol build error (git-fixes
bsc#1223785).
* s390/mm: Fix clearing storage keys for huge pages (git-fixes bsc#1223877).
* s390/mm: Fix storage key clearing for guest huge pages (git-fixes
bsc#1223878).
* s390/qeth: Fix kernel panic after setting hsuid (git-fixes bsc#1223879).
* s390/scm: fix virtual vs physical address confusion (git-fixes bsc#1223784).
* s390/vdso: Add CFI for RA register to asm macro vdso_func (git-fixes
bsc#1223876).
* s390/vdso: drop '-fPIC' from LDFLAGS (git-fixes bsc#1223598).
* s390/zcrypt: fix reference counting on zcrypt card objects (git-fixes
bsc#1223595).
* s390: Fixed LPM of lpar failure with error HSCLA2CF in 19th loops
(jsc#PED-542 git-fixes bsc#1213573 ltc#203238).
* s390: Fixed kernel backtrack (bsc#1141539 git-fixes).
* serial/pmac_zilog: Remove flawed mitigation for rx irq flood (git-fixes).
* serial: core: Provide port lock wrappers (stable-fixes).
* serial: core: fix kernel-doc for uart_port_unlock_irqrestore() (git-fixes).
* serial: mxs-auart: add spinlock around changing cts state (git-fixes).
* slimbus: qcom-ngd-ctrl: Add timeout for wait operation (git-fixes).
* speakup: Avoid crash on very long word (git-fixes).
* speakup: Fix 8bit characters from direct synth (git-fixes).
* tcp/udp: Fix memleaks of sk and zerocopy skbs with TX timestamp (git-fixes).
* thunderbolt: Avoid notify PM core about runtime PM resume (stable-fixes).
* thunderbolt: Fix wake configurations after device unplug (stable-fixes).
* tracing/net_sched: Fix tracepoints that save qdisc_dev() as a string (git-
fixes).
* tracing/ring-buffer: Fix wait_on_pipe() race (git-fixes).
* tracing: Have saved_cmdlines arrays all in one allocation (git-fixes).
* tracing: Remove precision vsnprintf() check from print event (git-fixes).
* tracing: Show size of requested perf buffer (git-fixes).
* tracing: Use .flush() call to wake up readers (git-fixes).
* usb: Disable USB3 LPM at shutdown (stable-fixes).
* usb: Fix regression caused by invalid ep0 maxpacket in virtual SuperSpeed
device (git-fixes).
* usb: dwc2: host: Fix dereference issue in DDMA completion flow (git-fixes).
* usb: gadget: composite: fix OS descriptors w_value logic (git-fixes).
* usb: gadget: f_fs: Fix a race condition when processing setup packets (git-
fixes).
* usb: gadget: f_ncm: Fix UAF ncm object at re-bind after usb ep transport
error (stable-fixes).
* usb: gadget: tegra-xudc: Fix USB3 PHY retrieval logic (git-fixes).
* usb: ohci: Prevent missed ohci interrupts (git-fixes).
* usb: sl811-hcd: only defined function checkdone if QUIRK2 is defined
(stable-fixes).
* usb: typec: tcpci: add generic tcpci fallback compatible (stable-fixes).
* usb: typec: tcpm: Check for port partner validity before consuming it (git-
fixes).
* usb: typec: tcpm: unregister existing source caps before re-registration
(bsc#1220569).
* usb: typec: ucsi: Ack unsupported commands (stable-fixes).
* usb: typec: ucsi: Clear UCSI_CCI_RESET_COMPLETE before reset (stable-fixes).
* usb: typec: ucsi: Fix connector check on init (git-fixes).
* usb: udc: remove warning when queue disabled ep (stable-fixes).
* vdpa/mlx5: Allow CVQ size changes (git-fixes).
* virtio: treat alloc_dax() -EOPNOTSUPP failure as non-fatal (bsc#1223949).
* wifi: ath9k: fix LNA selection in ath_ant_try_scan() (stable-fixes).
* wifi: iwlwifi: mvm: remove old PASN station when adding a new one (git-
fixes).
* wifi: iwlwifi: mvm: return uid from iwl_mvm_build_scan_cmd (git-fixes).
* wifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes (stable-
fixes).
* wifi: nl80211: do not free NULL coalescing rule (git-fixes).
* x86/cpufeatures: Fix dependencies for GFNI, VAES, and VPCLMULQDQ (git-
fixes).
* x86/mm: Ensure input to pfn_to_kaddr() is treated as a 64-bit type
(jsc#PED-7167 git-fixes).
* x86/sev: Skip ROM range scans and validation for SEV-SNP guests
(jsc#PED-7167 git-fixes).
* x86/xen: Add some null pointer checking to smp.c (git-fixes).
* x86/xen: add CPU dependencies for 32-bit build (git-fixes).
* x86/xen: fix percpu vcpu_info allocation (git-fixes).
* xen-netback: properly sync TX responses (git-fixes).
* xen-netfront: Add missing skb_mark_for_recycle (git-fixes).
* xen/gntdev: Fix the abuse of underlying struct page in DMA-buf import (git-
fixes).
* xen/xenbus: document will_handle argument for xenbus_watch_path() (git-
fixes).
* xfrm6: fix inet6_dev refcount underflow problem (git-fixes).

## Special Instructions and Notes:

* Please reboot the system after installing this update.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
zypper in -t patch SUSE-2024-1663=1 openSUSE-SLE-15.5-2024-1663=1

* SUSE Linux Enterprise Micro 5.5
zypper in -t patch SUSE-SLE-Micro-5.5-2024-1663=1

* SUSE Linux Enterprise Live Patching 15-SP5
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-1663=1

* SUSE Real Time Module 15-SP5
zypper in -t patch SUSE-SLE-Module-RT-15-SP5-2024-1663=1

## Package List:

* openSUSE Leap 15.5 (noarch)
* kernel-devel-rt-5.14.21-150500.13.52.1
* kernel-source-rt-5.14.21-150500.13.52.1
* openSUSE Leap 15.5 (x86_64)
* gfs2-kmp-rt-5.14.21-150500.13.52.1
* kernel-rt-extra-debuginfo-5.14.21-150500.13.52.1
* kernel-rt_debug-debuginfo-5.14.21-150500.13.52.1
* kernel-rt-livepatch-devel-5.14.21-150500.13.52.1
* kernel-livepatch-5_14_21-150500_13_52-rt-1-150500.11.5.1
* reiserfs-kmp-rt-5.14.21-150500.13.52.1
* kernel-rt-optional-debuginfo-5.14.21-150500.13.52.1
* kernel-rt_debug-debugsource-5.14.21-150500.13.52.1
* kernel-rt-debugsource-5.14.21-150500.13.52.1
* dlm-kmp-rt-5.14.21-150500.13.52.1
* kernel-rt-optional-5.14.21-150500.13.52.1
* kselftests-kmp-rt-debuginfo-5.14.21-150500.13.52.1
* dlm-kmp-rt-debuginfo-5.14.21-150500.13.52.1
* kernel-rt-extra-5.14.21-150500.13.52.1
* kernel-syms-rt-5.14.21-150500.13.52.1
* gfs2-kmp-rt-debuginfo-5.14.21-150500.13.52.1
* kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource-1-150500.11.5.1
* kernel-rt_debug-devel-5.14.21-150500.13.52.1
* kernel-rt_debug-devel-debuginfo-5.14.21-150500.13.52.1
* kernel-rt_debug-vdso-5.14.21-150500.13.52.1
* kernel-rt_debug-livepatch-devel-5.14.21-150500.13.52.1
* kernel-rt-debuginfo-5.14.21-150500.13.52.1
* ocfs2-kmp-rt-5.14.21-150500.13.52.1
* kernel-rt-livepatch-5.14.21-150500.13.52.1
* kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo-1-150500.11.5.1
* cluster-md-kmp-rt-debuginfo-5.14.21-150500.13.52.1
* kselftests-kmp-rt-5.14.21-150500.13.52.1
* kernel-rt-vdso-5.14.21-150500.13.52.1
* cluster-md-kmp-rt-5.14.21-150500.13.52.1
* ocfs2-kmp-rt-debuginfo-5.14.21-150500.13.52.1
* kernel-rt-devel-5.14.21-150500.13.52.1
* kernel-rt-devel-debuginfo-5.14.21-150500.13.52.1
* kernel-rt-vdso-debuginfo-5.14.21-150500.13.52.1
* reiserfs-kmp-rt-debuginfo-5.14.21-150500.13.52.1
* kernel-rt_debug-vdso-debuginfo-5.14.21-150500.13.52.1
* openSUSE Leap 15.5 (nosrc x86_64)
* kernel-rt-5.14.21-150500.13.52.1
* kernel-rt_debug-5.14.21-150500.13.52.1
* SUSE Linux Enterprise Micro 5.5 (nosrc x86_64)
* kernel-rt-5.14.21-150500.13.52.1
* SUSE Linux Enterprise Micro 5.5 (x86_64)
* kernel-rt-debuginfo-5.14.21-150500.13.52.1
* kernel-rt-debugsource-5.14.21-150500.13.52.1
* SUSE Linux Enterprise Micro 5.5 (noarch)
* kernel-source-rt-5.14.21-150500.13.52.1
* SUSE Linux Enterprise Live Patching 15-SP5 (x86_64)
* kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo-1-150500.11.5.1
* kernel-livepatch-5_14_21-150500_13_52-rt-1-150500.11.5.1
* kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource-1-150500.11.5.1
* SUSE Real Time Module 15-SP5 (x86_64)
* gfs2-kmp-rt-5.14.21-150500.13.52.1
* kernel-rt_debug-debuginfo-5.14.21-150500.13.52.1
* kernel-rt_debug-debugsource-5.14.21-150500.13.52.1
* kernel-rt-debugsource-5.14.21-150500.13.52.1
* dlm-kmp-rt-5.14.21-150500.13.52.1
* dlm-kmp-rt-debuginfo-5.14.21-150500.13.52.1
* kernel-syms-rt-5.14.21-150500.13.52.1
* gfs2-kmp-rt-debuginfo-5.14.21-150500.13.52.1
* kernel-rt_debug-devel-debuginfo-5.14.21-150500.13.52.1
* kernel-rt_debug-devel-5.14.21-150500.13.52.1
* kernel-rt_debug-vdso-5.14.21-150500.13.52.1
* kernel-rt-debuginfo-5.14.21-150500.13.52.1
* ocfs2-kmp-rt-5.14.21-150500.13.52.1
* cluster-md-kmp-rt-debuginfo-5.14.21-150500.13.52.1
* kernel-rt-vdso-5.14.21-150500.13.52.1
* cluster-md-kmp-rt-5.14.21-150500.13.52.1
* ocfs2-kmp-rt-debuginfo-5.14.21-150500.13.52.1
* kernel-rt-devel-5.14.21-150500.13.52.1
* kernel-rt-devel-debuginfo-5.14.21-150500.13.52.1
* kernel-rt-vdso-debuginfo-5.14.21-150500.13.52.1
* kernel-rt_debug-vdso-debuginfo-5.14.21-150500.13.52.1
* SUSE Real Time Module 15-SP5 (noarch)
* kernel-devel-rt-5.14.21-150500.13.52.1
* kernel-source-rt-5.14.21-150500.13.52.1
* SUSE Real Time Module 15-SP5 (nosrc x86_64)
* kernel-rt-5.14.21-150500.13.52.1
* kernel-rt_debug-5.14.21-150500.13.52.1

## References:

* https://www.suse.com/security/cve/CVE-2021-47047.html
* https://www.suse.com/security/cve/CVE-2021-47181.html
* https://www.suse.com/security/cve/CVE-2021-47182.html
* https://www.suse.com/security/cve/CVE-2021-47183.html
* https://www.suse.com/security/cve/CVE-2021-47184.html
* https://www.suse.com/security/cve/CVE-2021-47185.html
* https://www.suse.com/security/cve/CVE-2021-47187.html
* https://www.suse.com/security/cve/CVE-2021-47188.html
* https://www.suse.com/security/cve/CVE-2021-47189.html
* https://www.suse.com/security/cve/CVE-2021-47191.html
* https://www.suse.com/security/cve/CVE-2021-47192.html
* https://www.suse.com/security/cve/CVE-2021-47193.html
* https://www.suse.com/security/cve/CVE-2021-47194.html
* https://www.suse.com/security/cve/CVE-2021-47195.html
* https://www.suse.com/security/cve/CVE-2021-47196.html
* https://www.suse.com/security/cve/CVE-2021-47197.html
* https://www.suse.com/security/cve/CVE-2021-47198.html
* https://www.suse.com/security/cve/CVE-2021-47199.html
* https://www.suse.com/security/cve/CVE-2021-47200.html
* https://www.suse.com/security/cve/CVE-2021-47201.html
* https://www.suse.com/security/cve/CVE-2021-47202.html
* https://www.suse.com/security/cve/CVE-2021-47203.html
* https://www.suse.com/security/cve/CVE-2021-47204.html
* https://www.suse.com/security/cve/CVE-2021-47205.html
* https://www.suse.com/security/cve/CVE-2021-47206.html
* https://www.suse.com/security/cve/CVE-2021-47207.html
* https://www.suse.com/security/cve/CVE-2021-47209.html
* https://www.suse.com/security/cve/CVE-2021-47210.html
* https://www.suse.com/security/cve/CVE-2021-47211.html
* https://www.suse.com/security/cve/CVE-2021-47212.html
* https://www.suse.com/security/cve/CVE-2021-47214.html
* https://www.suse.com/security/cve/CVE-2021-47215.html
* https://www.suse.com/security/cve/CVE-2021-47216.html
* https://www.suse.com/security/cve/CVE-2021-47217.html
* https://www.suse.com/security/cve/CVE-2021-47218.html
* https://www.suse.com/security/cve/CVE-2021-47219.html
* https://www.suse.com/security/cve/CVE-2022-48631.html
* https://www.suse.com/security/cve/CVE-2022-48632.html
* https://www.suse.com/security/cve/CVE-2022-48634.html
* https://www.suse.com/security/cve/CVE-2022-48636.html
* https://www.suse.com/security/cve/CVE-2022-48637.html
* https://www.suse.com/security/cve/CVE-2022-48638.html
* https://www.suse.com/security/cve/CVE-2022-48639.html
* https://www.suse.com/security/cve/CVE-2022-48640.html
* https://www.suse.com/security/cve/CVE-2022-48642.html
* https://www.suse.com/security/cve/CVE-2022-48644.html
* https://www.suse.com/security/cve/CVE-2022-48646.html
* https://www.suse.com/security/cve/CVE-2022-48647.html
* https://www.suse.com/security/cve/CVE-2022-48648.html
* https://www.suse.com/security/cve/CVE-2022-48650.html
* https://www.suse.com/security/cve/CVE-2022-48651.html
* https://www.suse.com/security/cve/CVE-2022-48652.html
* https://www.suse.com/security/cve/CVE-2022-48653.html
* https://www.suse.com/security/cve/CVE-2022-48654.html
* https://www.suse.com/security/cve/CVE-2022-48655.html
* https://www.suse.com/security/cve/CVE-2022-48656.html
* https://www.suse.com/security/cve/CVE-2022-48657.html
* https://www.suse.com/security/cve/CVE-2022-48658.html
* https://www.suse.com/security/cve/CVE-2022-48659.html
* https://www.suse.com/security/cve/CVE-2022-48660.html
* https://www.suse.com/security/cve/CVE-2022-48662.html
* https://www.suse.com/security/cve/CVE-2022-48663.html
* https://www.suse.com/security/cve/CVE-2022-48667.html
* https://www.suse.com/security/cve/CVE-2022-48668.html
* https://www.suse.com/security/cve/CVE-2022-48671.html
* https://www.suse.com/security/cve/CVE-2022-48672.html
* https://www.suse.com/security/cve/CVE-2022-48673.html
* https://www.suse.com/security/cve/CVE-2022-48675.html
* https://www.suse.com/security/cve/CVE-2022-48686.html
* https://www.suse.com/security/cve/CVE-2022-48687.html
* https://www.suse.com/security/cve/CVE-2022-48688.html
* https://www.suse.com/security/cve/CVE-2022-48690.html
* https://www.suse.com/security/cve/CVE-2022-48692.html
* https://www.suse.com/security/cve/CVE-2022-48693.html
* https://www.suse.com/security/cve/CVE-2022-48694.html
* https://www.suse.com/security/cve/CVE-2022-48695.html
* https://www.suse.com/security/cve/CVE-2022-48697.html
* https://www.suse.com/security/cve/CVE-2022-48698.html
* https://www.suse.com/security/cve/CVE-2022-48700.html
* https://www.suse.com/security/cve/CVE-2022-48701.html
* https://www.suse.com/security/cve/CVE-2022-48702.html
* https://www.suse.com/security/cve/CVE-2022-48703.html
* https://www.suse.com/security/cve/CVE-2022-48704.html
* https://www.suse.com/security/cve/CVE-2023-2860.html
* https://www.suse.com/security/cve/CVE-2023-52488.html
* https://www.suse.com/security/cve/CVE-2023-52503.html
* https://www.suse.com/security/cve/CVE-2023-52561.html
* https://www.suse.com/security/cve/CVE-2023-52585.html
* https://www.suse.com/security/cve/CVE-2023-52589.html
* https://www.suse.com/security/cve/CVE-2023-52590.html
* https://www.suse.com/security/cve/CVE-2023-52591.html
* https://www.suse.com/security/cve/CVE-2023-52593.html
* https://www.suse.com/security/cve/CVE-2023-52614.html
* https://www.suse.com/security/cve/CVE-2023-52616.html
* https://www.suse.com/security/cve/CVE-2023-52620.html
* https://www.suse.com/security/cve/CVE-2023-52627.html
* https://www.suse.com/security/cve/CVE-2023-52635.html
* https://www.suse.com/security/cve/CVE-2023-52636.html
* https://www.suse.com/security/cve/CVE-2023-52645.html
* https://www.suse.com/security/cve/CVE-2023-52652.html
* https://www.suse.com/security/cve/CVE-2023-6270.html
* https://www.suse.com/security/cve/CVE-2024-0639.html
* https://www.suse.com/security/cve/CVE-2024-0841.html
* https://www.suse.com/security/cve/CVE-2024-22099.html
* https://www.suse.com/security/cve/CVE-2024-23307.html
* https://www.suse.com/security/cve/CVE-2024-23848.html
* https://www.suse.com/security/cve/CVE-2024-23850.html
* https://www.suse.com/security/cve/CVE-2024-26601.html
* https://www.suse.com/security/cve/CVE-2024-26610.html
* https://www.suse.com/security/cve/CVE-2024-26656.html
* https://www.suse.com/security/cve/CVE-2024-26660.html
* https://www.suse.com/security/cve/CVE-2024-26671.html
* https://www.suse.com/security/cve/CVE-2024-26673.html
* https://www.suse.com/security/cve/CVE-2024-26675.html
* https://www.suse.com/security/cve/CVE-2024-26680.html
* https://www.suse.com/security/cve/CVE-2024-26681.html
* https://www.suse.com/security/cve/CVE-2024-26684.html
* https://www.suse.com/security/cve/CVE-2024-26685.html
* https://www.suse.com/security/cve/CVE-2024-26687.html
* https://www.suse.com/security/cve/CVE-2024-26688.html
* https://www.suse.com/security/cve/CVE-2024-26689.html
* https://www.suse.com/security/cve/CVE-2024-26696.html
* https://www.suse.com/security/cve/CVE-2024-26697.html
* https://www.suse.com/security/cve/CVE-2024-26702.html
* https://www.suse.com/security/cve/CVE-2024-26704.html
* https://www.suse.com/security/cve/CVE-2024-26718.html
* https://www.suse.com/security/cve/CVE-2024-26722.html
* https://www.suse.com/security/cve/CVE-2024-26727.html
* https://www.suse.com/security/cve/CVE-2024-26733.html
* https://www.suse.com/security/cve/CVE-2024-26736.html
* https://www.suse.com/security/cve/CVE-2024-26737.html
* https://www.suse.com/security/cve/CVE-2024-26739.html
* https://www.suse.com/security/cve/CVE-2024-26743.html
* https://www.suse.com/security/cve/CVE-2024-26744.html
* https://www.suse.com/security/cve/CVE-2024-26745.html
* https://www.suse.com/security/cve/CVE-2024-26747.html
* https://www.suse.com/security/cve/CVE-2024-26749.html
* https://www.suse.com/security/cve/CVE-2024-26751.html
* https://www.suse.com/security/cve/CVE-2024-26754.html
* https://www.suse.com/security/cve/CVE-2024-26760.html
* https://www.suse.com/security/cve/CVE-2024-267600.html
* https://www.suse.com/security/cve/CVE-2024-26763.html
* https://www.suse.com/security/cve/CVE-2024-26764.html
* https://www.suse.com/security/cve/CVE-2024-26766.html
* https://www.suse.com/security/cve/CVE-2024-26769.html
* https://www.suse.com/security/cve/CVE-2024-26771.html
* https://www.suse.com/security/cve/CVE-2024-26772.html
* https://www.suse.com/security/cve/CVE-2024-26773.html
* https://www.suse.com/security/cve/CVE-2024-26776.html
* https://www.suse.com/security/cve/CVE-2024-26779.html
* https://www.suse.com/security/cve/CVE-2024-26783.html
* https://www.suse.com/security/cve/CVE-2024-26787.html
* https://www.suse.com/security/cve/CVE-2024-26790.html
* https://www.suse.com/security/cve/CVE-2024-26792.html
* https://www.suse.com/security/cve/CVE-2024-26793.html
* https://www.suse.com/security/cve/CVE-2024-26798.html
* https://www.suse.com/security/cve/CVE-2024-26805.html
* https://www.suse.com/security/cve/CVE-2024-26807.html
* https://www.suse.com/security/cve/CVE-2024-26816.html
* https://www.suse.com/security/cve/CVE-2024-26817.html
* https://www.suse.com/security/cve/CVE-2024-26820.html
* https://www.suse.com/security/cve/CVE-2024-26825.html
* https://www.suse.com/security/cve/CVE-2024-26830.html
* https://www.suse.com/security/cve/CVE-2024-26833.html
* https://www.suse.com/security/cve/CVE-2024-26836.html
* https://www.suse.com/security/cve/CVE-2024-26843.html
* https://www.suse.com/security/cve/CVE-2024-26848.html
* https://www.suse.com/security/cve/CVE-2024-26852.html
* https://www.suse.com/security/cve/CVE-2024-26853.html
* https://www.suse.com/security/cve/CVE-2024-26855.html
* https://www.suse.com/security/cve/CVE-2024-26856.html
* https://www.suse.com/security/cve/CVE-2024-26857.html
* https://www.suse.com/security/cve/CVE-2024-26861.html
* https://www.suse.com/security/cve/CVE-2024-26862.html
* https://www.suse.com/security/cve/CVE-2024-26866.html
* https://www.suse.com/security/cve/CVE-2024-26872.html
* https://www.suse.com/security/cve/CVE-2024-26875.html
* https://www.suse.com/security/cve/CVE-2024-26878.html
* https://www.suse.com/security/cve/CVE-2024-26879.html
* https://www.suse.com/security/cve/CVE-2024-26881.html
* https://www.suse.com/security/cve/CVE-2024-26882.html
* https://www.suse.com/security/cve/CVE-2024-26883.html
* https://www.suse.com/security/cve/CVE-2024-26884.html
* https://www.suse.com/security/cve/CVE-2024-26885.html
* https://www.suse.com/security/cve/CVE-2024-26891.html
* https://www.suse.com/security/cve/CVE-2024-26893.html
* https://www.suse.com/security/cve/CVE-2024-26895.html
* https://www.suse.com/security/cve/CVE-2024-26896.html
* https://www.suse.com/security/cve/CVE-2024-26897.html
* https://www.suse.com/security/cve/CVE-2024-26898.html
* https://www.suse.com/security/cve/CVE-2024-26901.html
* https://www.suse.com/security/cve/CVE-2024-26903.html
* https://www.suse.com/security/cve/CVE-2024-26917.html
* https://www.suse.com/security/cve/CVE-2024-26927.html
* https://www.suse.com/security/cve/CVE-2024-26948.html
* https://www.suse.com/security/cve/CVE-2024-26950.html
* https://www.suse.com/security/cve/CVE-2024-26951.html
* https://www.suse.com/security/cve/CVE-2024-26955.html
* https://www.suse.com/security/cve/CVE-2024-26956.html
* https://www.suse.com/security/cve/CVE-2024-26960.html
* https://www.suse.com/security/cve/CVE-2024-26965.html
* https://www.suse.com/security/cve/CVE-2024-26966.html
* https://www.suse.com/security/cve/CVE-2024-26969.html
* https://www.suse.com/security/cve/CVE-2024-26970.html
* https://www.suse.com/security/cve/CVE-2024-26972.html
* https://www.suse.com/security/cve/CVE-2024-26981.html
* https://www.suse.com/security/cve/CVE-2024-26982.html
* https://www.suse.com/security/cve/CVE-2024-26993.html
* https://www.suse.com/security/cve/CVE-2024-27013.html
* https://www.suse.com/security/cve/CVE-2024-27014.html
* https://www.suse.com/security/cve/CVE-2024-27030.html
* https://www.suse.com/security/cve/CVE-2024-27038.html
* https://www.suse.com/security/cve/CVE-2024-27039.html
* https://www.suse.com/security/cve/CVE-2024-27041.html
* https://www.suse.com/security/cve/CVE-2024-27043.html
* https://www.suse.com/security/cve/CVE-2024-27046.html
* https://www.suse.com/security/cve/CVE-2024-27056.html
* https://www.suse.com/security/cve/CVE-2024-27062.html
* https://www.suse.com/security/cve/CVE-2024-27389.html
* https://bugzilla.suse.com/show_bug.cgi?id=1141539
* https://bugzilla.suse.com/show_bug.cgi?id=1177529
* https://bugzilla.suse.com/show_bug.cgi?id=1190576
* https://bugzilla.suse.com/show_bug.cgi?id=1192145
* https://bugzilla.suse.com/show_bug.cgi?id=1192837
* https://bugzilla.suse.com/show_bug.cgi?id=1193629
* https://bugzilla.suse.com/show_bug.cgi?id=1196869
* https://bugzilla.suse.com/show_bug.cgi?id=1200313
* https://bugzilla.suse.com/show_bug.cgi?id=1201308
* https://bugzilla.suse.com/show_bug.cgi?id=1201489
* https://bugzilla.suse.com/show_bug.cgi?id=1203906
* https://bugzilla.suse.com/show_bug.cgi?id=1203935
* https://bugzilla.suse.com/show_bug.cgi?id=1204614
* https://bugzilla.suse.com/show_bug.cgi?id=1207361
* https://bugzilla.suse.com/show_bug.cgi?id=1211592
* https://bugzilla.suse.com/show_bug.cgi?id=1213573
* https://bugzilla.suse.com/show_bug.cgi?id=1217408
* https://bugzilla.suse.com/show_bug.cgi?id=1218562
* https://bugzilla.suse.com/show_bug.cgi?id=1218917
* https://bugzilla.suse.com/show_bug.cgi?id=1219104
* https://bugzilla.suse.com/show_bug.cgi?id=1219126
* https://bugzilla.suse.com/show_bug.cgi?id=1219141
* https://bugzilla.suse.com/show_bug.cgi?id=1219169
* https://bugzilla.suse.com/show_bug.cgi?id=1219170
* https://bugzilla.suse.com/show_bug.cgi?id=1219264
* https://bugzilla.suse.com/show_bug.cgi?id=1220342
* https://bugzilla.suse.com/show_bug.cgi?id=1220492
* https://bugzilla.suse.com/show_bug.cgi?id=1220569
* https://bugzilla.suse.com/show_bug.cgi?id=1220761
* https://bugzilla.suse.com/show_bug.cgi?id=1220901
* https://bugzilla.suse.com/show_bug.cgi?id=1220915
* https://bugzilla.suse.com/show_bug.cgi?id=1220935
* https://bugzilla.suse.com/show_bug.cgi?id=1221042
* https://bugzilla.suse.com/show_bug.cgi?id=1221044
* https://bugzilla.suse.com/show_bug.cgi?id=1221080
* https://bugzilla.suse.com/show_bug.cgi?id=1221084
* https://bugzilla.suse.com/show_bug.cgi?id=1221088
* https://bugzilla.suse.com/show_bug.cgi?id=1221162
* https://bugzilla.suse.com/show_bug.cgi?id=1221299
* https://bugzilla.suse.com/show_bug.cgi?id=1221612
* https://bugzilla.suse.com/show_bug.cgi?id=1221617
* https://bugzilla.suse.com/show_bug.cgi?id=1221645
* https://bugzilla.suse.com/show_bug.cgi?id=1221791
* https://bugzilla.suse.com/show_bug.cgi?id=1221825
* https://bugzilla.suse.com/show_bug.cgi?id=1222011
* https://bugzilla.suse.com/show_bug.cgi?id=1222051
* https://bugzilla.suse.com/show_bug.cgi?id=1222247
* https://bugzilla.suse.com/show_bug.cgi?id=1222266
* https://bugzilla.suse.com/show_bug.cgi?id=1222294
* https://bugzilla.suse.com/show_bug.cgi?id=1222307
* https://bugzilla.suse.com/show_bug.cgi?id=1222357
* https://bugzilla.suse.com/show_bug.cgi?id=1222368
* https://bugzilla.suse.com/show_bug.cgi?id=1222379
* https://bugzilla.suse.com/show_bug.cgi?id=1222416
* https://bugzilla.suse.com/show_bug.cgi?id=1222422
* https://bugzilla.suse.com/show_bug.cgi?id=1222424
* https://bugzilla.suse.com/show_bug.cgi?id=1222427
* https://bugzilla.suse.com/show_bug.cgi?id=1222428
* https://bugzilla.suse.com/show_bug.cgi?id=1222430
* https://bugzilla.suse.com/show_bug.cgi?id=1222431
* https://bugzilla.suse.com/show_bug.cgi?id=1222435
* https://bugzilla.suse.com/show_bug.cgi?id=1222437
* https://bugzilla.suse.com/show_bug.cgi?id=1222445
* https://bugzilla.suse.com/show_bug.cgi?id=1222449
* https://bugzilla.suse.com/show_bug.cgi?id=1222482
* https://bugzilla.suse.com/show_bug.cgi?id=1222503
* https://bugzilla.suse.com/show_bug.cgi?id=1222520
* https://bugzilla.suse.com/show_bug.cgi?id=1222536
* https://bugzilla.suse.com/show_bug.cgi?id=1222549
* https://bugzilla.suse.com/show_bug.cgi?id=1222550
* https://bugzilla.suse.com/show_bug.cgi?id=1222557
* https://bugzilla.suse.com/show_bug.cgi?id=1222559
* https://bugzilla.suse.com/show_bug.cgi?id=1222585
* https://bugzilla.suse.com/show_bug.cgi?id=1222586
* https://bugzilla.suse.com/show_bug.cgi?id=1222596
* https://bugzilla.suse.com/show_bug.cgi?id=1222609
* https://bugzilla.suse.com/show_bug.cgi?id=1222610
* https://bugzilla.suse.com/show_bug.cgi?id=1222613
* https://bugzilla.suse.com/show_bug.cgi?id=1222615
* https://bugzilla.suse.com/show_bug.cgi?id=1222618
* https://bugzilla.suse.com/show_bug.cgi?id=1222624
* https://bugzilla.suse.com/show_bug.cgi?id=1222630
* https://bugzilla.suse.com/show_bug.cgi?id=1222632
* https://bugzilla.suse.com/show_bug.cgi?id=1222660
* https://bugzilla.suse.com/show_bug.cgi?id=1222662
* https://bugzilla.suse.com/show_bug.cgi?id=1222664
* https://bugzilla.suse.com/show_bug.cgi?id=1222666
* https://bugzilla.suse.com/show_bug.cgi?id=1222669
* https://bugzilla.suse.com/show_bug.cgi?id=1222671
* https://bugzilla.suse.com/show_bug.cgi?id=1222677
* https://bugzilla.suse.com/show_bug.cgi?id=1222678
* https://bugzilla.suse.com/show_bug.cgi?id=1222680
* https://bugzilla.suse.com/show_bug.cgi?id=1222703
* https://bugzilla.suse.com/show_bug.cgi?id=1222704
* https://bugzilla.suse.com/show_bug.cgi?id=1222706
* https://bugzilla.suse.com/show_bug.cgi?id=1222709
* https://bugzilla.suse.com/show_bug.cgi?id=1222710
* https://bugzilla.suse.com/show_bug.cgi?id=1222720
* https://bugzilla.suse.com/show_bug.cgi?id=1222721
* https://bugzilla.suse.com/show_bug.cgi?id=1222724
* https://bugzilla.suse.com/show_bug.cgi?id=1222726
* https://bugzilla.suse.com/show_bug.cgi?id=1222727
* https://bugzilla.suse.com/show_bug.cgi?id=1222764
* https://bugzilla.suse.com/show_bug.cgi?id=1222772
* https://bugzilla.suse.com/show_bug.cgi?id=1222773
* https://bugzilla.suse.com/show_bug.cgi?id=1222776
* https://bugzilla.suse.com/show_bug.cgi?id=1222781
* https://bugzilla.suse.com/show_bug.cgi?id=1222784
* https://bugzilla.suse.com/show_bug.cgi?id=1222785
* https://bugzilla.suse.com/show_bug.cgi?id=1222787
* https://bugzilla.suse.com/show_bug.cgi?id=1222790
* https://bugzilla.suse.com/show_bug.cgi?id=1222791
* https://bugzilla.suse.com/show_bug.cgi?id=1222792
* https://bugzilla.suse.com/show_bug.cgi?id=1222796
* https://bugzilla.suse.com/show_bug.cgi?id=1222798
* https://bugzilla.suse.com/show_bug.cgi?id=1222801
* https://bugzilla.suse.com/show_bug.cgi?id=1222812
* https://bugzilla.suse.com/show_bug.cgi?id=1222824
* https://bugzilla.suse.com/show_bug.cgi?id=1222829
* https://bugzilla.suse.com/show_bug.cgi?id=1222832
* https://bugzilla.suse.com/show_bug.cgi?id=1222836
* https://bugzilla.suse.com/show_bug.cgi?id=1222838
* https://bugzilla.suse.com/show_bug.cgi?id=1222866
* https://bugzilla.suse.com/show_bug.cgi?id=1222867
* https://bugzilla.suse.com/show_bug.cgi?id=1222869
* https://bugzilla.suse.com/show_bug.cgi?id=1222876
* https://bugzilla.suse.com/show_bug.cgi?id=1222878
* https://bugzilla.suse.com/show_bug.cgi?id=1222879
* https://bugzilla.suse.com/show_bug.cgi?id=1222881
* https://bugzilla.suse.com/show_bug.cgi?id=1222883
* https://bugzilla.suse.com/show_bug.cgi?id=1222888
* https://bugzilla.suse.com/show_bug.cgi?id=1222894
* https://bugzilla.suse.com/show_bug.cgi?id=1222901
* https://bugzilla.suse.com/show_bug.cgi?id=1222968
* https://bugzilla.suse.com/show_bug.cgi?id=1223012
* https://bugzilla.suse.com/show_bug.cgi?id=1223014
* https://bugzilla.suse.com/show_bug.cgi?id=1223016
* https://bugzilla.suse.com/show_bug.cgi?id=1223024
* https://bugzilla.suse.com/show_bug.cgi?id=1223030
* https://bugzilla.suse.com/show_bug.cgi?id=1223033
* https://bugzilla.suse.com/show_bug.cgi?id=1223034
* https://bugzilla.suse.com/show_bug.cgi?id=1223035
* https://bugzilla.suse.com/show_bug.cgi?id=1223036
* https://bugzilla.suse.com/show_bug.cgi?id=1223037
* https://bugzilla.suse.com/show_bug.cgi?id=1223041
* https://bugzilla.suse.com/show_bug.cgi?id=1223042
* https://bugzilla.suse.com/show_bug.cgi?id=1223051
* https://bugzilla.suse.com/show_bug.cgi?id=1223052
* https://bugzilla.suse.com/show_bug.cgi?id=1223056
* https://bugzilla.suse.com/show_bug.cgi?id=1223057
* https://bugzilla.suse.com/show_bug.cgi?id=1223058
* https://bugzilla.suse.com/show_bug.cgi?id=1223060
* https://bugzilla.suse.com/show_bug.cgi?id=1223061
* https://bugzilla.suse.com/show_bug.cgi?id=1223065
* https://bugzilla.suse.com/show_bug.cgi?id=1223066
* https://bugzilla.suse.com/show_bug.cgi?id=1223067
* https://bugzilla.suse.com/show_bug.cgi?id=1223068
* https://bugzilla.suse.com/show_bug.cgi?id=1223076
* https://bugzilla.suse.com/show_bug.cgi?id=1223078
* https://bugzilla.suse.com/show_bug.cgi?id=1223111
* https://bugzilla.suse.com/show_bug.cgi?id=1223115
* https://bugzilla.suse.com/show_bug.cgi?id=1223118
* https://bugzilla.suse.com/show_bug.cgi?id=1223187
* https://bugzilla.suse.com/show_bug.cgi?id=1223189
* https://bugzilla.suse.com/show_bug.cgi?id=1223190
* https://bugzilla.suse.com/show_bug.cgi?id=1223191
* https://bugzilla.suse.com/show_bug.cgi?id=1223196
* https://bugzilla.suse.com/show_bug.cgi?id=1223197
* https://bugzilla.suse.com/show_bug.cgi?id=1223198
* https://bugzilla.suse.com/show_bug.cgi?id=1223275
* https://bugzilla.suse.com/show_bug.cgi?id=1223323
* https://bugzilla.suse.com/show_bug.cgi?id=1223369
* https://bugzilla.suse.com/show_bug.cgi?id=1223380
* https://bugzilla.suse.com/show_bug.cgi?id=1223473
* https://bugzilla.suse.com/show_bug.cgi?id=1223474
* https://bugzilla.suse.com/show_bug.cgi?id=1223475
* https://bugzilla.suse.com/show_bug.cgi?id=1223477
* https://bugzilla.suse.com/show_bug.cgi?id=1223478
* https://bugzilla.suse.com/show_bug.cgi?id=1223479
* https://bugzilla.suse.com/show_bug.cgi?id=1223481
* https://bugzilla.suse.com/show_bug.cgi?id=1223482
* https://bugzilla.suse.com/show_bug.cgi?id=1223484
* https://bugzilla.suse.com/show_bug.cgi?id=1223487
* https://bugzilla.suse.com/show_bug.cgi?id=1223490
* https://bugzilla.suse.com/show_bug.cgi?id=1223496
* https://bugzilla.suse.com/show_bug.cgi?id=1223498
* https://bugzilla.suse.com/show_bug.cgi?id=1223499
* https://bugzilla.suse.com/show_bug.cgi?id=1223501
* https://bugzilla.suse.com/show_bug.cgi?id=1223502
* https://bugzilla.suse.com/show_bug.cgi?id=1223503
* https://bugzilla.suse.com/show_bug.cgi?id=1223505
* https://bugzilla.suse.com/show_bug.cgi?id=1223509
* https://bugzilla.suse.com/show_bug.cgi?id=1223511
* https://bugzilla.suse.com/show_bug.cgi?id=1223512
* https://bugzilla.suse.com/show_bug.cgi?id=1223513
* https://bugzilla.suse.com/show_bug.cgi?id=1223516
* https://bugzilla.suse.com/show_bug.cgi?id=1223517
* https://bugzilla.suse.com/show_bug.cgi?id=1223518
* https://bugzilla.suse.com/show_bug.cgi?id=1223519
* https://bugzilla.suse.com/show_bug.cgi?id=1223520
* https://bugzilla.suse.com/show_bug.cgi?id=1223522
* https://bugzilla.suse.com/show_bug.cgi?id=1223523
* https://bugzilla.suse.com/show_bug.cgi?id=1223525
* https://bugzilla.suse.com/show_bug.cgi?id=1223536
* https://bugzilla.suse.com/show_bug.cgi?id=1223539
* https://bugzilla.suse.com/show_bug.cgi?id=1223574
* https://bugzilla.suse.com/show_bug.cgi?id=1223595
* https://bugzilla.suse.com/show_bug.cgi?id=1223598
* https://bugzilla.suse.com/show_bug.cgi?id=1223634
* https://bugzilla.suse.com/show_bug.cgi?id=1223640
* https://bugzilla.suse.com/show_bug.cgi?id=1223643
* https://bugzilla.suse.com/show_bug.cgi?id=1223644
* https://bugzilla.suse.com/show_bug.cgi?id=1223645
* https://bugzilla.suse.com/show_bug.cgi?id=1223646
* https://bugzilla.suse.com/show_bug.cgi?id=1223648
* https://bugzilla.suse.com/show_bug.cgi?id=1223655
* https://bugzilla.suse.com/show_bug.cgi?id=1223657
* https://bugzilla.suse.com/show_bug.cgi?id=1223660
* https://bugzilla.suse.com/show_bug.cgi?id=1223661
* https://bugzilla.suse.com/show_bug.cgi?id=1223663
* https://bugzilla.suse.com/show_bug.cgi?id=1223664
* https://bugzilla.suse.com/show_bug.cgi?id=1223668
* https://bugzilla.suse.com/show_bug.cgi?id=1223686
* https://bugzilla.suse.com/show_bug.cgi?id=1223693
* https://bugzilla.suse.com/show_bug.cgi?id=1223705
* https://bugzilla.suse.com/show_bug.cgi?id=1223714
* https://bugzilla.suse.com/show_bug.cgi?id=1223735
* https://bugzilla.suse.com/show_bug.cgi?id=1223745
* https://bugzilla.suse.com/show_bug.cgi?id=1223784
* https://bugzilla.suse.com/show_bug.cgi?id=1223785
* https://bugzilla.suse.com/show_bug.cgi?id=1223790
* https://bugzilla.suse.com/show_bug.cgi?id=1223816
* https://bugzilla.suse.com/show_bug.cgi?id=1223821
* https://bugzilla.suse.com/show_bug.cgi?id=1223822
* https://bugzilla.suse.com/show_bug.cgi?id=1223824
* https://bugzilla.suse.com/show_bug.cgi?id=1223827
* https://bugzilla.suse.com/show_bug.cgi?id=1223834
* https://bugzilla.suse.com/show_bug.cgi?id=1223875
* https://bugzilla.suse.com/show_bug.cgi?id=1223876
* https://bugzilla.suse.com/show_bug.cgi?id=1223877
* https://bugzilla.suse.com/show_bug.cgi?id=1223878
* https://bugzilla.suse.com/show_bug.cgi?id=1223879
* https://bugzilla.suse.com/show_bug.cgi?id=1223894
* https://bugzilla.suse.com/show_bug.cgi?id=1223921
* https://bugzilla.suse.com/show_bug.cgi?id=1223922
* https://bugzilla.suse.com/show_bug.cgi?id=1223923
* https://bugzilla.suse.com/show_bug.cgi?id=1223924
* https://bugzilla.suse.com/show_bug.cgi?id=1223929
* https://bugzilla.suse.com/show_bug.cgi?id=1223931
* https://bugzilla.suse.com/show_bug.cgi?id=1223932
* https://bugzilla.suse.com/show_bug.cgi?id=1223934
* https://bugzilla.suse.com/show_bug.cgi?id=1223941
* https://bugzilla.suse.com/show_bug.cgi?id=1223948
* https://bugzilla.suse.com/show_bug.cgi?id=1223949
* https://bugzilla.suse.com/show_bug.cgi?id=1223950
* https://bugzilla.suse.com/show_bug.cgi?id=1223951
* https://bugzilla.suse.com/show_bug.cgi?id=1223952
* https://bugzilla.suse.com/show_bug.cgi?id=1223953
* https://bugzilla.suse.com/show_bug.cgi?id=1223956
* https://bugzilla.suse.com/show_bug.cgi?id=1223957
* https://bugzilla.suse.com/show_bug.cgi?id=1223960
* https://bugzilla.suse.com/show_bug.cgi?id=1223962
* https://bugzilla.suse.com/show_bug.cgi?id=1223963
* https://bugzilla.suse.com/show_bug.cgi?id=1223964
* https://jira.suse.com/browse/PED-1166
* https://jira.suse.com/browse/PED-1168
* https://jira.suse.com/browse/PED-1170
* https://jira.suse.com/browse/PED-1218
* https://jira.suse.com/browse/PED-1220
* https://jira.suse.com/browse/PED-1222
* https://jira.suse.com/browse/PED-1223
* https://jira.suse.com/browse/PED-1225
* https://jira.suse.com/browse/PED-1565
* https://jira.suse.com/browse/PED-2849
* https://jira.suse.com/browse/PED-376
* https://jira.suse.com/browse/PED-542
* https://jira.suse.com/browse/PED-7167
* https://jira.suse.com/browse/PED-7619
* https://jira.suse.com/browse/SLE-18378
* https://jira.suse.com/browse/SLE-18383
* https://jira.suse.com/browse/SLE-18385
* https://jira.suse.com/browse/SLE-18978
* https://jira.suse.com/browse/SLE-19249
* https://jira.suse.com/browse/SLE-19253



SUSE-SU-2024:1856-1: important: Security update for freerdp


# Security update for freerdp

Announcement ID: SUSE-SU-2024:1856-1
Rating: important
References:

* bsc#1223346
* bsc#1223347
* bsc#1223348
* bsc#1223353

Cross-References:

* CVE-2024-32658
* CVE-2024-32659
* CVE-2024-32660
* CVE-2024-32661

CVSS scores:

* CVE-2024-32658 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-32659 ( SUSE ): 7.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H
* CVE-2024-32660 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2024-32661 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Affected Products:

* openSUSE Leap 15.4
* openSUSE Leap 15.5
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Linux Enterprise Workstation Extension 15 SP5
* SUSE Package Hub 15 15-SP5
* SUSE Package Hub 15 15-SP6

An update that solves four vulnerabilities can now be installed.

## Description:

This update for freerdp fixes the following issues:

* CVE-2024-32658: Fixed out-of-bounds read in Interleaved RLE Bitmap Codec
(bsc#1223353).
* CVE-2024-32659: Fixed out-of-bounds read if `((nWidth == 0) and (nHeight ==
0))` (bsc#1223346)
* CVE-2024-32660: Fixed client crash via invalid huge allocation size
(bsc#1223347)
* CVE-2024-32661: Fixed client NULL pointer dereference (bsc#1223348)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Package Hub 15 15-SP6
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-1856=1

* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-1856=1

* SUSE Linux Enterprise Workstation Extension 15 SP5
zypper in -t patch SUSE-SLE-Product-WE-15-SP5-2024-1856=1

* openSUSE Leap 15.4
zypper in -t patch SUSE-2024-1856=1

* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2024-1856=1

* SUSE Package Hub 15 15-SP5
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-1856=1

## Package List:

* SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x)
* libwinpr2-debuginfo-2.4.0-150400.3.32.1
* freerdp-debugsource-2.4.0-150400.3.32.1
* libwinpr2-2.4.0-150400.3.32.1
* libfreerdp2-debuginfo-2.4.0-150400.3.32.1
* freerdp-debuginfo-2.4.0-150400.3.32.1
* libfreerdp2-2.4.0-150400.3.32.1
* winpr2-devel-2.4.0-150400.3.32.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64)
* freerdp-proxy-debuginfo-2.4.0-150400.3.32.1
* freerdp-2.4.0-150400.3.32.1
* libwinpr2-debuginfo-2.4.0-150400.3.32.1
* freerdp-debugsource-2.4.0-150400.3.32.1
* libwinpr2-2.4.0-150400.3.32.1
* freerdp-devel-2.4.0-150400.3.32.1
* freerdp-proxy-2.4.0-150400.3.32.1
* libfreerdp2-debuginfo-2.4.0-150400.3.32.1
* freerdp-debuginfo-2.4.0-150400.3.32.1
* libfreerdp2-2.4.0-150400.3.32.1
* winpr2-devel-2.4.0-150400.3.32.1
* SUSE Linux Enterprise Workstation Extension 15 SP5 (x86_64)
* freerdp-proxy-debuginfo-2.4.0-150400.3.32.1
* freerdp-2.4.0-150400.3.32.1
* libwinpr2-debuginfo-2.4.0-150400.3.32.1
* freerdp-debugsource-2.4.0-150400.3.32.1
* libwinpr2-2.4.0-150400.3.32.1
* freerdp-devel-2.4.0-150400.3.32.1
* freerdp-proxy-2.4.0-150400.3.32.1
* libfreerdp2-debuginfo-2.4.0-150400.3.32.1
* freerdp-debuginfo-2.4.0-150400.3.32.1
* libfreerdp2-2.4.0-150400.3.32.1
* winpr2-devel-2.4.0-150400.3.32.1
* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
* freerdp-wayland-2.4.0-150400.3.32.1
* freerdp-proxy-debuginfo-2.4.0-150400.3.32.1
* freerdp-2.4.0-150400.3.32.1
* freerdp-server-2.4.0-150400.3.32.1
* libwinpr2-debuginfo-2.4.0-150400.3.32.1
* winpr2-devel-2.4.0-150400.3.32.1
* freerdp-debugsource-2.4.0-150400.3.32.1
* libwinpr2-2.4.0-150400.3.32.1
* freerdp-devel-2.4.0-150400.3.32.1
* freerdp-proxy-2.4.0-150400.3.32.1
* libfreerdp2-debuginfo-2.4.0-150400.3.32.1
* uwac0-0-devel-2.4.0-150400.3.32.1
* freerdp-server-debuginfo-2.4.0-150400.3.32.1
* libuwac0-0-debuginfo-2.4.0-150400.3.32.1
* freerdp-debuginfo-2.4.0-150400.3.32.1
* libfreerdp2-2.4.0-150400.3.32.1
* freerdp-wayland-debuginfo-2.4.0-150400.3.32.1
* libuwac0-0-2.4.0-150400.3.32.1
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
* freerdp-wayland-2.4.0-150400.3.32.1
* freerdp-proxy-debuginfo-2.4.0-150400.3.32.1
* freerdp-2.4.0-150400.3.32.1
* freerdp-server-2.4.0-150400.3.32.1
* libwinpr2-debuginfo-2.4.0-150400.3.32.1
* winpr2-devel-2.4.0-150400.3.32.1
* freerdp-debugsource-2.4.0-150400.3.32.1
* libwinpr2-2.4.0-150400.3.32.1
* freerdp-devel-2.4.0-150400.3.32.1
* freerdp-proxy-2.4.0-150400.3.32.1
* libfreerdp2-debuginfo-2.4.0-150400.3.32.1
* uwac0-0-devel-2.4.0-150400.3.32.1
* freerdp-server-debuginfo-2.4.0-150400.3.32.1
* libuwac0-0-debuginfo-2.4.0-150400.3.32.1
* freerdp-debuginfo-2.4.0-150400.3.32.1
* libfreerdp2-2.4.0-150400.3.32.1
* freerdp-wayland-debuginfo-2.4.0-150400.3.32.1
* libuwac0-0-2.4.0-150400.3.32.1
* SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x)
* freerdp-wayland-2.4.0-150400.3.32.1
* freerdp-proxy-debuginfo-2.4.0-150400.3.32.1
* freerdp-2.4.0-150400.3.32.1
* freerdp-server-2.4.0-150400.3.32.1
* libwinpr2-debuginfo-2.4.0-150400.3.32.1
* winpr2-devel-2.4.0-150400.3.32.1
* freerdp-debugsource-2.4.0-150400.3.32.1
* libwinpr2-2.4.0-150400.3.32.1
* freerdp-devel-2.4.0-150400.3.32.1
* freerdp-proxy-2.4.0-150400.3.32.1
* libfreerdp2-debuginfo-2.4.0-150400.3.32.1
* uwac0-0-devel-2.4.0-150400.3.32.1
* freerdp-server-debuginfo-2.4.0-150400.3.32.1
* libuwac0-0-debuginfo-2.4.0-150400.3.32.1
* freerdp-debuginfo-2.4.0-150400.3.32.1
* libfreerdp2-2.4.0-150400.3.32.1
* freerdp-wayland-debuginfo-2.4.0-150400.3.32.1
* libuwac0-0-2.4.0-150400.3.32.1

## References:

* https://www.suse.com/security/cve/CVE-2024-32658.html
* https://www.suse.com/security/cve/CVE-2024-32659.html
* https://www.suse.com/security/cve/CVE-2024-32660.html
* https://www.suse.com/security/cve/CVE-2024-32661.html
* https://bugzilla.suse.com/show_bug.cgi?id=1223346
* https://bugzilla.suse.com/show_bug.cgi?id=1223347
* https://bugzilla.suse.com/show_bug.cgi?id=1223348
* https://bugzilla.suse.com/show_bug.cgi?id=1223353



SUSE-SU-2024:1486-1: moderate: Security update for cosign


# Security update for cosign

Announcement ID: SUSE-SU-2024:1486-1
Rating: moderate
References:

* bsc#1222835
* bsc#1222837
* jsc#SLE-23879

Cross-References:

* CVE-2024-29902
* CVE-2024-29903

CVSS scores:

* CVE-2024-29902 ( SUSE ): 4.2 CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:H
* CVE-2024-29903 ( SUSE ): 4.2 CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:H

Affected Products:

* Basesystem Module 15-SP5
* openSUSE Leap 15.4
* openSUSE Leap 15.5
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP5

An update that solves two vulnerabilities and contains one feature can now be
installed.

## Description:

This update for cosign fixes the following issues:

* CVE-2024-29902: Fixed denial of service on host machine via remote image
with a malicious attachments (bsc#1222835)
* CVE-2024-29903: Fixed denial of service on host machine via malicious
software artifacts (bsc#1222837)

Other fixes: \- Updated to 2.2.4 (jsc#SLE-23879) * Fixes for GHSA-88jx-383q-w4qc
and GHSA-95pr-fxf5-86gv (#3661) * ErrNoSignaturesFound should be used when there
is no signature attached to an image. (#3526) * fix semgrep issues for
dgryski.semgrep-go ruleset (#3541) * Honor creation timestamp for signatures
again (#3549) * Features * Adds Support for Fulcio Client Credentials Flow, and
Argument to Set Flow Explicitly (#3578)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
zypper in -t patch SUSE-2024-1486=1

* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2024-1486=1

* Basesystem Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-1486=1

## Package List:

* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
* cosign-debuginfo-2.2.4-150400.3.20.1
* cosign-2.2.4-150400.3.20.1
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
* cosign-2.2.4-150400.3.20.1
* Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64)
* cosign-2.2.4-150400.3.20.1

## References:

* https://www.suse.com/security/cve/CVE-2024-29902.html
* https://www.suse.com/security/cve/CVE-2024-29903.html
* https://bugzilla.suse.com/show_bug.cgi?id=1222835
* https://bugzilla.suse.com/show_bug.cgi?id=1222837
* https://jira.suse.com/browse/SLE-23879



SUSE-SU-2024:1858-1: important: Security update for MozillaThunderbird


# Security update for MozillaThunderbird

Announcement ID: SUSE-SU-2024:1858-1
Rating: important
References:

* bsc#1224056

Cross-References:

* CVE-2024-4367
* CVE-2024-4767
* CVE-2024-4768
* CVE-2024-4769
* CVE-2024-4770
* CVE-2024-4777

CVSS scores:

* CVE-2024-4367 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2024-4767 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
* CVE-2024-4768 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
* CVE-2024-4769 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
* CVE-2024-4770 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2024-4777 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Affected Products:

* openSUSE Leap 15.5
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Linux Enterprise Workstation Extension 15 SP5
* SUSE Linux Enterprise Workstation Extension 15 SP6
* SUSE Package Hub 15 15-SP5
* SUSE Package Hub 15 15-SP6

An update that solves six vulnerabilities can now be installed.

## Description:

This update for MozillaThunderbird fixes the following issues:

Update to version 115.11 (bsc#1224056):

* CVE-2024-4367: Arbitrary JavaScript execution in PDF.js
* CVE-2024-4767: IndexedDB files retained in private browsing mode
* CVE-2024-4768: Potential permissions request bypass via clickjacking
* CVE-2024-4769: Cross-origin responses could be distinguished between script
and non-script content-types
* CVE-2024-4770: Use-after-free could occur when printing to PDF
* CVE-2024-4777: Memory safety bugs fixed in Firefox 126, Firefox ESR 115.11,
and Thunderbird 115.11
* fixed: Splitter arrow between task list and task description did not behave
as expected
* fixed: Calendar Event Attendees dialog had incorrectly sized rows

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2024-1858=1

* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2024-1858=1

* SUSE Package Hub 15 15-SP5
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-1858=1

* SUSE Package Hub 15 15-SP6
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-1858=1

* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-1858=1

* SUSE Linux Enterprise Workstation Extension 15 SP5
zypper in -t patch SUSE-SLE-Product-WE-15-SP5-2024-1858=1

* SUSE Linux Enterprise Workstation Extension 15 SP6
zypper in -t patch SUSE-SLE-Product-WE-15-SP6-2024-1858=1

## Package List:

* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
* MozillaThunderbird-debugsource-115.11.0-150200.8.160.1
* MozillaThunderbird-translations-other-115.11.0-150200.8.160.1
* MozillaThunderbird-translations-common-115.11.0-150200.8.160.1
* MozillaThunderbird-debuginfo-115.11.0-150200.8.160.1
* MozillaThunderbird-115.11.0-150200.8.160.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
* MozillaThunderbird-debugsource-115.11.0-150200.8.160.1
* MozillaThunderbird-translations-other-115.11.0-150200.8.160.1
* MozillaThunderbird-translations-common-115.11.0-150200.8.160.1
* MozillaThunderbird-debuginfo-115.11.0-150200.8.160.1
* MozillaThunderbird-115.11.0-150200.8.160.1
* SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x)
* MozillaThunderbird-debugsource-115.11.0-150200.8.160.1
* MozillaThunderbird-translations-other-115.11.0-150200.8.160.1
* MozillaThunderbird-translations-common-115.11.0-150200.8.160.1
* MozillaThunderbird-debuginfo-115.11.0-150200.8.160.1
* MozillaThunderbird-115.11.0-150200.8.160.1
* SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x)
* MozillaThunderbird-debugsource-115.11.0-150200.8.160.1
* MozillaThunderbird-translations-other-115.11.0-150200.8.160.1
* MozillaThunderbird-translations-common-115.11.0-150200.8.160.1
* MozillaThunderbird-debuginfo-115.11.0-150200.8.160.1
* MozillaThunderbird-115.11.0-150200.8.160.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64)
* MozillaThunderbird-debugsource-115.11.0-150200.8.160.1
* MozillaThunderbird-translations-other-115.11.0-150200.8.160.1
* MozillaThunderbird-translations-common-115.11.0-150200.8.160.1
* MozillaThunderbird-debuginfo-115.11.0-150200.8.160.1
* MozillaThunderbird-115.11.0-150200.8.160.1
* SUSE Linux Enterprise Workstation Extension 15 SP5 (x86_64)
* MozillaThunderbird-debugsource-115.11.0-150200.8.160.1
* MozillaThunderbird-translations-other-115.11.0-150200.8.160.1
* MozillaThunderbird-translations-common-115.11.0-150200.8.160.1
* MozillaThunderbird-debuginfo-115.11.0-150200.8.160.1
* MozillaThunderbird-115.11.0-150200.8.160.1
* SUSE Linux Enterprise Workstation Extension 15 SP6 (x86_64)
* MozillaThunderbird-debugsource-115.11.0-150200.8.160.1
* MozillaThunderbird-translations-other-115.11.0-150200.8.160.1
* MozillaThunderbird-translations-common-115.11.0-150200.8.160.1
* MozillaThunderbird-debuginfo-115.11.0-150200.8.160.1
* MozillaThunderbird-115.11.0-150200.8.160.1

## References:

* https://www.suse.com/security/cve/CVE-2024-4367.html
* https://www.suse.com/security/cve/CVE-2024-4767.html
* https://www.suse.com/security/cve/CVE-2024-4768.html
* https://www.suse.com/security/cve/CVE-2024-4769.html
* https://www.suse.com/security/cve/CVE-2024-4770.html
* https://www.suse.com/security/cve/CVE-2024-4777.html
* https://bugzilla.suse.com/show_bug.cgi?id=1224056



SUSE-SU-2024:1860-1: important: Security update for uriparser


# Security update for uriparser

Announcement ID: SUSE-SU-2024:1860-1
Rating: important
References:

* bsc#1223887
* bsc#1223888

Cross-References:

* CVE-2024-34402
* CVE-2024-34403

CVSS scores:

* CVE-2024-34402 ( SUSE ): 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
* CVE-2024-34403 ( SUSE ): 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H

Affected Products:

* openSUSE Leap 15.5
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Package Hub 15 15-SP5
* SUSE Package Hub 15 15-SP6

An update that solves two vulnerabilities can now be installed.

## Description:

This update for uriparser fixes the following issues:

* CVE-2024-34402: Fixed integer overflow protection in ComposeQueryEngine
(bsc#1223887).
* CVE-2024-34403: Fixed integer overflow protection in ComposeQueryMallocExMm
(bsc#1223888).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Package Hub 15 15-SP5
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-1860=1

* SUSE Package Hub 15 15-SP6
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-1860=1

* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2024-1860=1

* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2024-1860=1

## Package List:

* SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x x86_64)
* uriparser-debugsource-0.8.5-150000.3.8.1
* uriparser-0.8.5-150000.3.8.1
* liburiparser1-0.8.5-150000.3.8.1
* liburiparser1-debuginfo-0.8.5-150000.3.8.1
* uriparser-devel-0.8.5-150000.3.8.1
* uriparser-debuginfo-0.8.5-150000.3.8.1
* SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64)
* uriparser-debugsource-0.8.5-150000.3.8.1
* uriparser-0.8.5-150000.3.8.1
* liburiparser1-0.8.5-150000.3.8.1
* liburiparser1-debuginfo-0.8.5-150000.3.8.1
* uriparser-devel-0.8.5-150000.3.8.1
* uriparser-debuginfo-0.8.5-150000.3.8.1
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
* uriparser-debugsource-0.8.5-150000.3.8.1
* uriparser-0.8.5-150000.3.8.1
* liburiparser1-0.8.5-150000.3.8.1
* liburiparser1-debuginfo-0.8.5-150000.3.8.1
* uriparser-devel-0.8.5-150000.3.8.1
* uriparser-debuginfo-0.8.5-150000.3.8.1
* openSUSE Leap 15.5 (x86_64)
* liburiparser1-32bit-debuginfo-0.8.5-150000.3.8.1
* liburiparser1-32bit-0.8.5-150000.3.8.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
* uriparser-debugsource-0.8.5-150000.3.8.1
* uriparser-0.8.5-150000.3.8.1
* liburiparser1-0.8.5-150000.3.8.1
* liburiparser1-debuginfo-0.8.5-150000.3.8.1
* uriparser-devel-0.8.5-150000.3.8.1
* uriparser-debuginfo-0.8.5-150000.3.8.1
* openSUSE Leap 15.6 (x86_64)
* liburiparser1-32bit-debuginfo-0.8.5-150000.3.8.1
* liburiparser1-32bit-0.8.5-150000.3.8.1

## References:

* https://www.suse.com/security/cve/CVE-2024-34402.html
* https://www.suse.com/security/cve/CVE-2024-34403.html
* https://bugzilla.suse.com/show_bug.cgi?id=1223887
* https://bugzilla.suse.com/show_bug.cgi?id=1223888



SUSE-SU-2024:1855-1: important: Security update for python-PyMySQL


# Security update for python-PyMySQL

Announcement ID: SUSE-SU-2024:1855-1
Rating: important
References:

* bsc#1225070

Cross-References:

* CVE-2024-36039

CVSS scores:

* CVE-2024-36039 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* openSUSE Leap 15.5
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Package Hub 15 15-SP5
* SUSE Package Hub 15 15-SP6

An update that solves one vulnerability can now be installed.

## Description:

This update for python-PyMySQL fixes the following issues:

* CVE-2024-36039: Fixed SQL injection if used with untrusted JSON input
(bsc#1225070).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2024-1855=1

* SUSE Package Hub 15 15-SP5
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-1855=1

* SUSE Package Hub 15 15-SP6
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-1855=1

## Package List:

* openSUSE Leap 15.5 (noarch)
* python3-PyMySQL-0.7.11-150000.3.3.1
* SUSE Package Hub 15 15-SP5 (noarch)
* python3-PyMySQL-0.7.11-150000.3.3.1
* SUSE Package Hub 15 15-SP6 (noarch)
* python3-PyMySQL-0.7.11-150000.3.3.1

## References:

* https://www.suse.com/security/cve/CVE-2024-36039.html
* https://bugzilla.suse.com/show_bug.cgi?id=1225070



SUSE-SU-2024:1861-1: important: Security update for python3-sqlparse


# Security update for python3-sqlparse

Announcement ID: SUSE-SU-2024:1861-1
Rating: important
References:

* bsc#1223603

Cross-References:

* CVE-2024-4340

CVSS scores:

* CVE-2024-4340 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* Basesystem Module 15-SP5
* Basesystem Module 15-SP6
* openSUSE Leap 15.3
* openSUSE Leap 15.5
* SUSE Enterprise Storage 7.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3

An update that solves one vulnerability can now be installed.

## Description:

This update for python3-sqlparse fixes the following issues:

* CVE-2024-4340: Fixed RecursionError catch to avoid a denial-of-service issue
(bsc#1223603).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.3
zypper in -t patch SUSE-2024-1861=1

* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2024-1861=1

* Basesystem Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-1861=1

* Basesystem Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-1861=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-1861=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-1861=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-1861=1

* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-1861=1

* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-1861=1

* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-1861=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP3
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-1861=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP4
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-1861=1

* SUSE Manager Proxy 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-1861=1

* SUSE Manager Retail Branch Server 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-2024-1861=1

* SUSE Manager Server 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-1861=1

* SUSE Enterprise Storage 7.1
zypper in -t patch SUSE-Storage-7.1-2024-1861=1

## Package List:

* openSUSE Leap 15.3 (noarch)
* python3-sqlparse-0.4.2-150300.12.1
* openSUSE Leap 15.5 (noarch)
* python3-sqlparse-0.4.2-150300.12.1
* Basesystem Module 15-SP5 (noarch)
* python3-sqlparse-0.4.2-150300.12.1
* Basesystem Module 15-SP6 (noarch)
* python3-sqlparse-0.4.2-150300.12.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch)
* python3-sqlparse-0.4.2-150300.12.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
* python3-sqlparse-0.4.2-150300.12.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
* python3-sqlparse-0.4.2-150300.12.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (noarch)
* python3-sqlparse-0.4.2-150300.12.1
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch)
* python3-sqlparse-0.4.2-150300.12.1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch)
* python3-sqlparse-0.4.2-150300.12.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch)
* python3-sqlparse-0.4.2-150300.12.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch)
* python3-sqlparse-0.4.2-150300.12.1
* SUSE Manager Proxy 4.3 (noarch)
* python3-sqlparse-0.4.2-150300.12.1
* SUSE Manager Retail Branch Server 4.3 (noarch)
* python3-sqlparse-0.4.2-150300.12.1
* SUSE Manager Server 4.3 (noarch)
* python3-sqlparse-0.4.2-150300.12.1
* SUSE Enterprise Storage 7.1 (noarch)
* python3-sqlparse-0.4.2-150300.12.1

## References:

* https://www.suse.com/security/cve/CVE-2024-4340.html
* https://bugzilla.suse.com/show_bug.cgi?id=1223603



SUSE-SU-2024:1857-1: moderate: Security update for python-requests


# Security update for python-requests

Announcement ID: SUSE-SU-2024:1857-1
Rating: moderate
References:

* bsc#1224788

Cross-References:

* CVE-2024-35195

CVSS scores:

* CVE-2024-35195 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N

Affected Products:

* openSUSE Leap 15.4
* openSUSE Leap 15.5
* openSUSE Leap 15.6
* Public Cloud Module 15-SP4
* Python 3 Module 15-SP5
* Python 3 Module 15-SP6
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3

An update that solves one vulnerability can now be installed.

## Description:

This update for python-requests fixes the following issues:

* CVE-2024-35195: Fixed cert verification regardless of changes to the value
of `verify` (bsc#1224788).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
zypper in -t patch SUSE-2024-1857=1

* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2024-1857=1

* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2024-1857=1

* Public Cloud Module 15-SP4
zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2024-1857=1

* Python 3 Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Python3-15-SP5-2024-1857=1

* Python 3 Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Python3-15-SP6-2024-1857=1

## Package List:

* openSUSE Leap 15.4 (noarch)
* python311-requests-2.31.0-150400.6.12.1
* openSUSE Leap 15.5 (noarch)
* python311-requests-2.31.0-150400.6.12.1
* openSUSE Leap 15.6 (noarch)
* python311-requests-2.31.0-150400.6.12.1
* Public Cloud Module 15-SP4 (noarch)
* python311-requests-2.31.0-150400.6.12.1
* Python 3 Module 15-SP5 (noarch)
* python311-requests-2.31.0-150400.6.12.1
* Python 3 Module 15-SP6 (noarch)
* python311-requests-2.31.0-150400.6.12.1

## References:

* https://www.suse.com/security/cve/CVE-2024-35195.html
* https://bugzilla.suse.com/show_bug.cgi?id=1224788



SUSE-SU-2024:1872-1: moderate: Security update for python-tqdm


# Security update for python-tqdm

Announcement ID: SUSE-SU-2024:1872-1
Rating: moderate
References:

* bsc#1223880

Cross-References:

* CVE-2024-34062

CVSS scores:

* CVE-2024-34062 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:L

Affected Products:

* openSUSE Leap 15.4
* openSUSE Leap 15.5
* openSUSE Leap 15.6
* Public Cloud Module 15-SP4
* Python 3 Module 15-SP5
* Python 3 Module 15-SP6
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3

An update that solves one vulnerability can now be installed.

## Description:

This update for python-tqdm fixes the following issues:

Update to version 4.66.4:

* rich: fix completion
* cli: eval safety (CVE-2024-34062, bsc#1223880)
* pandas: add DataFrame.progress_map
* notebook: fix HTML padding
* keras: fix resuming training when verbose>=2
* fix format_num negative fractions missing leading zero
* fix Python 3.12 DeprecationWarning on import

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
zypper in -t patch SUSE-2024-1872=1

* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2024-1872=1

* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2024-1872=1

* Public Cloud Module 15-SP4
zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2024-1872=1

* Python 3 Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Python3-15-SP5-2024-1872=1

* Python 3 Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Python3-15-SP6-2024-1872=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-1872=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-1872=1

* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-1872=1

* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-1872=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP4
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-1872=1

## Package List:

* openSUSE Leap 15.4 (noarch)
* python-tqdm-bash-completion-4.66.4-150400.9.12.1
* python311-tqdm-4.66.4-150400.9.12.1
* openSUSE Leap 15.5 (noarch)
* python-tqdm-bash-completion-4.66.4-150400.9.12.1
* python311-tqdm-4.66.4-150400.9.12.1
* openSUSE Leap 15.6 (noarch)
* python-tqdm-bash-completion-4.66.4-150400.9.12.1
* python311-tqdm-4.66.4-150400.9.12.1
* Public Cloud Module 15-SP4 (noarch)
* python311-tqdm-4.66.4-150400.9.12.1
* Python 3 Module 15-SP5 (noarch)
* python-tqdm-bash-completion-4.66.4-150400.9.12.1
* python311-tqdm-4.66.4-150400.9.12.1
* Python 3 Module 15-SP6 (noarch)
* python-tqdm-bash-completion-4.66.4-150400.9.12.1
* python311-tqdm-4.66.4-150400.9.12.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
* python-tqdm-bash-completion-4.66.4-150400.9.12.1
* python311-tqdm-4.66.4-150400.9.12.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
* python-tqdm-bash-completion-4.66.4-150400.9.12.1
* python311-tqdm-4.66.4-150400.9.12.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (noarch)
* python-tqdm-bash-completion-4.66.4-150400.9.12.1
* python311-tqdm-4.66.4-150400.9.12.1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch)
* python-tqdm-bash-completion-4.66.4-150400.9.12.1
* python311-tqdm-4.66.4-150400.9.12.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch)
* python-tqdm-bash-completion-4.66.4-150400.9.12.1
* python311-tqdm-4.66.4-150400.9.12.1

## References:

* https://www.suse.com/security/cve/CVE-2024-34062.html
* https://bugzilla.suse.com/show_bug.cgi?id=1223880



SUSE-SU-2024:1864-1: moderate: Security update for python-Jinja2


# Security update for python-Jinja2

Announcement ID: SUSE-SU-2024:1864-1
Rating: moderate
References:

* bsc#1218722
* bsc#1223980

Cross-References:

* CVE-2024-22195
* CVE-2024-34064

CVSS scores:

* CVE-2024-22195 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
* CVE-2024-22195 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
* CVE-2024-34064 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Affected Products:

* openSUSE Leap 15.4
* openSUSE Leap 15.5
* openSUSE Leap 15.6
* Python 3 Module 15-SP5
* Python 3 Module 15-SP6
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves two vulnerabilities can now be installed.

## Description:

This update for python-Jinja2 fixes the following issues:

* Fixed HTML attribute injection when passing user input as keys to xmlattr
filter (CVE-2024-34064, bsc#1223980, CVE-2024-22195, bsc#1218722)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
zypper in -t patch SUSE-2024-1864=1

* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2024-1864=1

* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2024-1864=1

* Python 3 Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Python3-15-SP5-2024-1864=1

* Python 3 Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Python3-15-SP6-2024-1864=1

## Package List:

* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
* python311-Jinja2-3.1.2-150400.12.6.1
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
* python311-Jinja2-3.1.2-150400.12.6.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
* python311-Jinja2-3.1.2-150400.12.6.1
* Python 3 Module 15-SP5 (aarch64 ppc64le s390x x86_64)
* python311-Jinja2-3.1.2-150400.12.6.1
* Python 3 Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* python311-Jinja2-3.1.2-150400.12.6.1

## References:

* https://www.suse.com/security/cve/CVE-2024-22195.html
* https://www.suse.com/security/cve/CVE-2024-34064.html
* https://bugzilla.suse.com/show_bug.cgi?id=1218722
* https://bugzilla.suse.com/show_bug.cgi?id=1223980



SUSE-SU-2024:1862-1: moderate: Security update for python


# Security update for python

Announcement ID: SUSE-SU-2024:1862-1
Rating: moderate
References:

* bsc#1214675
* bsc#1219306
* bsc#1219559
* bsc#1220970
* bsc#1221854
* bsc#1222537

Cross-References:

* CVE-2022-48560
* CVE-2023-27043
* CVE-2023-52425
* CVE-2024-0450

CVSS scores:

* CVE-2022-48560 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48560 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-27043 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
* CVE-2023-27043 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
* CVE-2023-52425 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52425 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-0450 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* openSUSE Leap 15.5
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Package Hub 15 15-SP5
* SUSE Package Hub 15 15-SP6

An update that solves four vulnerabilities and has two security fixes can now be
installed.

## Description:

This update for python fixes the following issues:

* CVE-2023-52425: Fixed using the system libexpat (bsc#1219559).
* CVE-2023-27043: Modifed fix for unicode string handling in
email.utils.parseaddr() (bsc#1222537).
* CVE-2022-48560: Fixed use-after-free in Python via heappushpop in heapq
(bsc#1214675).
* CVE-2024-0450: Detect the vulnerability of the "quoted-overlap" zipbomb
(bsc#1221854).

Bug fixes:

* Switch off tests. ONLY FOR FACTORY!!! (bsc#1219306).
* Build with -std=gnu89 to build correctly with gcc14 (bsc#1220970).
* Switch from %patchN style to the %patch -P N one.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2024-1862=1

* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2024-1862=1

* SUSE Package Hub 15 15-SP5
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-1862=1

* SUSE Package Hub 15 15-SP6
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-1862=1

## Package List:

* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
* python-debugsource-2.7.18-150000.65.1
* python-devel-2.7.18-150000.65.1
* python-base-debugsource-2.7.18-150000.65.1
* python-debuginfo-2.7.18-150000.65.1
* libpython2_7-1_0-2.7.18-150000.65.1
* python-idle-2.7.18-150000.65.1
* python-demo-2.7.18-150000.65.1
* python-tk-debuginfo-2.7.18-150000.65.1
* python-gdbm-debuginfo-2.7.18-150000.65.1
* python-2.7.18-150000.65.1
* python-base-2.7.18-150000.65.1
* python-curses-2.7.18-150000.65.1
* libpython2_7-1_0-debuginfo-2.7.18-150000.65.1
* python-base-debuginfo-2.7.18-150000.65.1
* python-curses-debuginfo-2.7.18-150000.65.1
* python-xml-2.7.18-150000.65.1
* python-tk-2.7.18-150000.65.1
* python-gdbm-2.7.18-150000.65.1
* python-xml-debuginfo-2.7.18-150000.65.1
* openSUSE Leap 15.5 (x86_64)
* python-32bit-2.7.18-150000.65.1
* python-32bit-debuginfo-2.7.18-150000.65.1
* python-base-32bit-debuginfo-2.7.18-150000.65.1
* python-base-32bit-2.7.18-150000.65.1
* libpython2_7-1_0-32bit-debuginfo-2.7.18-150000.65.1
* libpython2_7-1_0-32bit-2.7.18-150000.65.1
* openSUSE Leap 15.5 (noarch)
* python-doc-2.7.18-150000.65.1
* python-doc-pdf-2.7.18-150000.65.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
* python-debugsource-2.7.18-150000.65.1
* python-devel-2.7.18-150000.65.1
* python-base-debugsource-2.7.18-150000.65.1
* python-debuginfo-2.7.18-150000.65.1
* libpython2_7-1_0-2.7.18-150000.65.1
* python-idle-2.7.18-150000.65.1
* python-demo-2.7.18-150000.65.1
* python-tk-debuginfo-2.7.18-150000.65.1
* python-gdbm-debuginfo-2.7.18-150000.65.1
* python-2.7.18-150000.65.1
* python-base-2.7.18-150000.65.1
* python-curses-2.7.18-150000.65.1
* libpython2_7-1_0-debuginfo-2.7.18-150000.65.1
* python-base-debuginfo-2.7.18-150000.65.1
* python-curses-debuginfo-2.7.18-150000.65.1
* python-xml-2.7.18-150000.65.1
* python-tk-2.7.18-150000.65.1
* python-gdbm-2.7.18-150000.65.1
* python-xml-debuginfo-2.7.18-150000.65.1
* openSUSE Leap 15.6 (x86_64)
* python-32bit-2.7.18-150000.65.1
* python-32bit-debuginfo-2.7.18-150000.65.1
* python-base-32bit-debuginfo-2.7.18-150000.65.1
* python-base-32bit-2.7.18-150000.65.1
* libpython2_7-1_0-32bit-debuginfo-2.7.18-150000.65.1
* libpython2_7-1_0-32bit-2.7.18-150000.65.1
* openSUSE Leap 15.6 (noarch)
* python-doc-2.7.18-150000.65.1
* python-doc-pdf-2.7.18-150000.65.1
* SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x x86_64)
* python-debugsource-2.7.18-150000.65.1
* python-devel-2.7.18-150000.65.1
* python-base-debugsource-2.7.18-150000.65.1
* python-debuginfo-2.7.18-150000.65.1
* libpython2_7-1_0-2.7.18-150000.65.1
* python-gdbm-debuginfo-2.7.18-150000.65.1
* python-2.7.18-150000.65.1
* python-base-2.7.18-150000.65.1
* python-curses-2.7.18-150000.65.1
* libpython2_7-1_0-debuginfo-2.7.18-150000.65.1
* python-base-debuginfo-2.7.18-150000.65.1
* python-curses-debuginfo-2.7.18-150000.65.1
* python-xml-2.7.18-150000.65.1
* python-gdbm-2.7.18-150000.65.1
* python-xml-debuginfo-2.7.18-150000.65.1
* SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64)
* python-debugsource-2.7.18-150000.65.1
* python-base-debugsource-2.7.18-150000.65.1
* python-debuginfo-2.7.18-150000.65.1
* libpython2_7-1_0-2.7.18-150000.65.1
* python-gdbm-debuginfo-2.7.18-150000.65.1
* python-2.7.18-150000.65.1
* python-base-2.7.18-150000.65.1
* python-curses-2.7.18-150000.65.1
* libpython2_7-1_0-debuginfo-2.7.18-150000.65.1
* python-base-debuginfo-2.7.18-150000.65.1
* python-curses-debuginfo-2.7.18-150000.65.1
* python-xml-2.7.18-150000.65.1
* python-gdbm-2.7.18-150000.65.1
* python-xml-debuginfo-2.7.18-150000.65.1

## References:

* https://www.suse.com/security/cve/CVE-2022-48560.html
* https://www.suse.com/security/cve/CVE-2023-27043.html
* https://www.suse.com/security/cve/CVE-2023-52425.html
* https://www.suse.com/security/cve/CVE-2024-0450.html
* https://bugzilla.suse.com/show_bug.cgi?id=1214675
* https://bugzilla.suse.com/show_bug.cgi?id=1219306
* https://bugzilla.suse.com/show_bug.cgi?id=1219559
* https://bugzilla.suse.com/show_bug.cgi?id=1220970
* https://bugzilla.suse.com/show_bug.cgi?id=1221854
* https://bugzilla.suse.com/show_bug.cgi?id=1222537



SUSE-SU-2024:1859-1: important: Security update for java-1_8_0-ibm


# Security update for java-1_8_0-ibm

Announcement ID: SUSE-SU-2024:1859-1
Rating: important
References:

* bsc#1222979
* bsc#1222983
* bsc#1222984
* bsc#1222986
* bsc#1222987
* bsc#1223470
* bsc#1224164

Cross-References:

* CVE-2023-38264
* CVE-2024-21011
* CVE-2024-21012
* CVE-2024-21068
* CVE-2024-21085
* CVE-2024-21094

CVSS scores:

* CVE-2023-38264 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-21011 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2024-21012 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
* CVE-2024-21068 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
* CVE-2024-21085 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2024-21094 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

Affected Products:

* Legacy Module 15-SP5
* Legacy Module 15-SP6
* openSUSE Leap 15.5
* openSUSE Leap 15.6
* SUSE Enterprise Storage 7.1
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise Server 15 SP2
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP2
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves six vulnerabilities and has one security fix can now be
installed.

## Description:

This update for java-1_8_0-ibm fixes the following issues:

Update to Java 8.0 Service Refresh 8 Fix Pack 25 (bsc#1223470):

* CVE-2023-38264: Fixed Object Request Broker (ORB) denial of service
(bsc#1224164).
* CVE-2024-21094: Fixed C2 compilation fails with "Exceeded _node_regs array"
(bsc#1222986).
* CVE-2024-21068: Fixed integer overflow in C1 compiler address generation
(bsc#1222983).
* CVE-2024-21085: Fixed Pack200 excessive memory allocation (bsc#1222984).
* CVE-2024-21011: Fixed Long Exception message leading to crash (bsc#1222979).
* CVE-2024-21012: Fixed HTTP/2 client improper reverse DNS lookup
(bsc#1222987).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2024-1859=1

* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2024-1859=1

* Legacy Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Legacy-15-SP5-2024-1859=1

* Legacy Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Legacy-15-SP6-2024-1859=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-1859=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-1859=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-1859=1

* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-1859=1

* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-1859=1

* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-1859=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP2
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-1859=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP3
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-1859=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP4
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-1859=1

* SUSE Enterprise Storage 7.1
zypper in -t patch SUSE-Storage-7.1-2024-1859=1

## Package List:

* openSUSE Leap 15.5 (nosrc ppc64le s390x x86_64)
* java-1_8_0-ibm-1.8.0_sr8.25-150000.3.89.1
* openSUSE Leap 15.5 (x86_64)
* java-1_8_0-ibm-plugin-1.8.0_sr8.25-150000.3.89.1
* java-1_8_0-ibm-alsa-1.8.0_sr8.25-150000.3.89.1
* java-1_8_0-ibm-32bit-1.8.0_sr8.25-150000.3.89.1
* java-1_8_0-ibm-devel-32bit-1.8.0_sr8.25-150000.3.89.1
* openSUSE Leap 15.5 (ppc64le s390x x86_64)
* java-1_8_0-ibm-demo-1.8.0_sr8.25-150000.3.89.1
* java-1_8_0-ibm-src-1.8.0_sr8.25-150000.3.89.1
* java-1_8_0-ibm-devel-1.8.0_sr8.25-150000.3.89.1
* openSUSE Leap 15.6 (nosrc ppc64le s390x x86_64)
* java-1_8_0-ibm-1.8.0_sr8.25-150000.3.89.1
* openSUSE Leap 15.6 (x86_64)
* java-1_8_0-ibm-plugin-1.8.0_sr8.25-150000.3.89.1
* java-1_8_0-ibm-alsa-1.8.0_sr8.25-150000.3.89.1
* java-1_8_0-ibm-32bit-1.8.0_sr8.25-150000.3.89.1
* java-1_8_0-ibm-devel-32bit-1.8.0_sr8.25-150000.3.89.1
* openSUSE Leap 15.6 (ppc64le s390x x86_64)
* java-1_8_0-ibm-demo-1.8.0_sr8.25-150000.3.89.1
* java-1_8_0-ibm-src-1.8.0_sr8.25-150000.3.89.1
* java-1_8_0-ibm-devel-1.8.0_sr8.25-150000.3.89.1
* Legacy Module 15-SP5 (nosrc ppc64le s390x x86_64)
* java-1_8_0-ibm-1.8.0_sr8.25-150000.3.89.1
* Legacy Module 15-SP5 (ppc64le s390x x86_64)
* java-1_8_0-ibm-devel-1.8.0_sr8.25-150000.3.89.1
* Legacy Module 15-SP5 (x86_64)
* java-1_8_0-ibm-plugin-1.8.0_sr8.25-150000.3.89.1
* java-1_8_0-ibm-alsa-1.8.0_sr8.25-150000.3.89.1
* Legacy Module 15-SP6 (nosrc ppc64le s390x x86_64)
* java-1_8_0-ibm-1.8.0_sr8.25-150000.3.89.1
* Legacy Module 15-SP6 (ppc64le s390x x86_64)
* java-1_8_0-ibm-devel-1.8.0_sr8.25-150000.3.89.1
* Legacy Module 15-SP6 (x86_64)
* java-1_8_0-ibm-plugin-1.8.0_sr8.25-150000.3.89.1
* java-1_8_0-ibm-alsa-1.8.0_sr8.25-150000.3.89.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (nosrc x86_64)
* java-1_8_0-ibm-1.8.0_sr8.25-150000.3.89.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (x86_64)
* java-1_8_0-ibm-plugin-1.8.0_sr8.25-150000.3.89.1
* java-1_8_0-ibm-alsa-1.8.0_sr8.25-150000.3.89.1
* java-1_8_0-ibm-devel-1.8.0_sr8.25-150000.3.89.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (nosrc x86_64)
* java-1_8_0-ibm-1.8.0_sr8.25-150000.3.89.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64)
* java-1_8_0-ibm-plugin-1.8.0_sr8.25-150000.3.89.1
* java-1_8_0-ibm-alsa-1.8.0_sr8.25-150000.3.89.1
* java-1_8_0-ibm-devel-1.8.0_sr8.25-150000.3.89.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (nosrc x86_64)
* java-1_8_0-ibm-1.8.0_sr8.25-150000.3.89.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64)
* java-1_8_0-ibm-plugin-1.8.0_sr8.25-150000.3.89.1
* java-1_8_0-ibm-alsa-1.8.0_sr8.25-150000.3.89.1
* java-1_8_0-ibm-devel-1.8.0_sr8.25-150000.3.89.1
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (nosrc ppc64le s390x x86_64)
* java-1_8_0-ibm-1.8.0_sr8.25-150000.3.89.1
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (ppc64le s390x x86_64)
* java-1_8_0-ibm-devel-1.8.0_sr8.25-150000.3.89.1
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (x86_64)
* java-1_8_0-ibm-plugin-1.8.0_sr8.25-150000.3.89.1
* java-1_8_0-ibm-alsa-1.8.0_sr8.25-150000.3.89.1
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (nosrc ppc64le s390x x86_64)
* java-1_8_0-ibm-1.8.0_sr8.25-150000.3.89.1
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (ppc64le s390x x86_64)
* java-1_8_0-ibm-devel-1.8.0_sr8.25-150000.3.89.1
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (x86_64)
* java-1_8_0-ibm-plugin-1.8.0_sr8.25-150000.3.89.1
* java-1_8_0-ibm-alsa-1.8.0_sr8.25-150000.3.89.1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (nosrc ppc64le s390x x86_64)
* java-1_8_0-ibm-1.8.0_sr8.25-150000.3.89.1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (ppc64le s390x x86_64)
* java-1_8_0-ibm-devel-1.8.0_sr8.25-150000.3.89.1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (x86_64)
* java-1_8_0-ibm-plugin-1.8.0_sr8.25-150000.3.89.1
* java-1_8_0-ibm-alsa-1.8.0_sr8.25-150000.3.89.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP2 (nosrc ppc64le
x86_64)
* java-1_8_0-ibm-1.8.0_sr8.25-150000.3.89.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64)
* java-1_8_0-ibm-devel-1.8.0_sr8.25-150000.3.89.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP2 (x86_64)
* java-1_8_0-ibm-plugin-1.8.0_sr8.25-150000.3.89.1
* java-1_8_0-ibm-alsa-1.8.0_sr8.25-150000.3.89.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (nosrc ppc64le
x86_64)
* java-1_8_0-ibm-1.8.0_sr8.25-150000.3.89.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
* java-1_8_0-ibm-devel-1.8.0_sr8.25-150000.3.89.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (x86_64)
* java-1_8_0-ibm-plugin-1.8.0_sr8.25-150000.3.89.1
* java-1_8_0-ibm-alsa-1.8.0_sr8.25-150000.3.89.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (nosrc ppc64le
x86_64)
* java-1_8_0-ibm-1.8.0_sr8.25-150000.3.89.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
* java-1_8_0-ibm-devel-1.8.0_sr8.25-150000.3.89.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64)
* java-1_8_0-ibm-plugin-1.8.0_sr8.25-150000.3.89.1
* java-1_8_0-ibm-alsa-1.8.0_sr8.25-150000.3.89.1
* SUSE Enterprise Storage 7.1 (nosrc x86_64)
* java-1_8_0-ibm-1.8.0_sr8.25-150000.3.89.1
* SUSE Enterprise Storage 7.1 (x86_64)
* java-1_8_0-ibm-plugin-1.8.0_sr8.25-150000.3.89.1
* java-1_8_0-ibm-alsa-1.8.0_sr8.25-150000.3.89.1
* java-1_8_0-ibm-devel-1.8.0_sr8.25-150000.3.89.1

## References:

* https://www.suse.com/security/cve/CVE-2023-38264.html
* https://www.suse.com/security/cve/CVE-2024-21011.html
* https://www.suse.com/security/cve/CVE-2024-21012.html
* https://www.suse.com/security/cve/CVE-2024-21068.html
* https://www.suse.com/security/cve/CVE-2024-21085.html
* https://www.suse.com/security/cve/CVE-2024-21094.html
* https://bugzilla.suse.com/show_bug.cgi?id=1222979
* https://bugzilla.suse.com/show_bug.cgi?id=1222983
* https://bugzilla.suse.com/show_bug.cgi?id=1222984
* https://bugzilla.suse.com/show_bug.cgi?id=1222986
* https://bugzilla.suse.com/show_bug.cgi?id=1222987
* https://bugzilla.suse.com/show_bug.cgi?id=1223470
* https://bugzilla.suse.com/show_bug.cgi?id=1224164



SUSE-SU-2024:1498-2: low: Security update for java-11-openjdk


# Security update for java-11-openjdk

Announcement ID: SUSE-SU-2024:1498-2
Rating: low
References:

* bsc#1213470
* bsc#1222979
* bsc#1222983
* bsc#1222984
* bsc#1222986
* bsc#1222987

Cross-References:

* CVE-2024-21011
* CVE-2024-21012
* CVE-2024-21068
* CVE-2024-21085
* CVE-2024-21094

CVSS scores:

* CVE-2024-21011 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2024-21012 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
* CVE-2024-21068 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
* CVE-2024-21085 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2024-21094 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

Affected Products:

* Legacy Module 15-SP6
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Package Hub 15 15-SP6

An update that solves five vulnerabilities and has one security fix can now be
installed.

## Description:

This update for java-11-openjdk fixes the following issues:

* CVE-2024-21011: Fixed denial of service due to long Exception message
logging (JDK-8319851,bsc#1222979)
* CVE-2024-21012: Fixed unauthorized data modification due HTTP/2 client
improper reverse DNS lookup (JDK-8315708,bsc#1222987)
* CVE-2024-21068: Fixed integer overflow in C1 compiler address generation
(JDK-8322122,bsc#1222983)
* CVE-2024-21085: Fixed denial of service due to Pack200 excessive memory
allocation (JDK-8322114,bsc#1222984)
* CVE-2024-21094: Fixed unauthorized data modification due to C2 compilation
failure with "Exceeded _node_regs array"
(JDK-8317507,JDK-8325348,bsc#1222986)

Other fixes: \- Upgrade to upstream tag jdk-11.0.23+9 (April 2024 CPU) *
Security fixes \+ JDK-8318340: Improve RSA key implementations * Other changes
\+ JDK-6928542: Chinese characters in RTF are not decoded \+ JDK-7132796:
[macosx] closed/javax/swing/JComboBox/4517214/ /bug4517214.java fails on MacOS
\+ JDK-7148092: [macosx] When Alt+down arrow key is pressed, the combobox popup
does not appear. \+ JDK-8054022: HttpURLConnection timeouts with Expect:
100-Continue and no chunking \+ JDK-8054572: [macosx] JComboBox paints the
border incorrectly \+ JDK-8058176: [mlvm] tests should not allow code cache
exhaustion \+ JDK-8067651: LevelTransitionTest.java, fix trivial methods levels
logic \+ JDK-8068225: nsk/jdi/EventQueue/remove_l/remove_l005 intermittently
times out \+ JDK-8156889: ListKeychainStore.sh fails in some virtualized
environments \+ JDK-8166275: vm/mlvm/meth/stress/compiler/deoptimize keeps
timeouting \+ JDK-8166554: Avoid compilation blocking in
OverloadCompileQueueTest.java \+ JDK-8169475: WheelModifier.java fails by
timeout \+ JDK-8180266: Convert sun/security/provider/KeyStore/DKSTest.sh to
Java Jtreg Test \+ JDK-8186610: move ModuleUtils to top-level testlibrary \+
JDK-8192864: defmeth tests can hide failures \+ JDK-8193543: Regression
automated test '/open/test/jdk/java/
/awt/TrayIcon/SystemTrayInstance/SystemTrayInstanceTest.java' fails \+
JDK-8198668: MemoryPoolMBean/isUsageThresholdExceeded/
/isexceeded001/TestDescription.java still failing \+ JDK-8202282: [TESTBUG]
appcds TestCommon .makeCommandLineForAppCDS() can be removed \+ JDK-8202790: DnD
test DisposeFrameOnDragTest.java does not clean up \+ JDK-8202931: [macos]
java/awt/Choice/ChoicePopupLocation/ /ChoicePopupLocation.java fails \+
JDK-8207211: [TESTBUG] Remove excessive output from CDS/AppCDS tests \+
JDK-8207214: Broken links in JDK API serialized-form page \+ JDK-8207855: Make
applications/jcstress invoke tests in batches \+ JDK-8208243:
vmTestbase/gc/lock/jni/jnilock002/ /TestDescription.java fails in jdk/hs nightly
\+ JDK-8208278: [mlvm] [TESTBUG] vm.mlvm.mixed.stress.java
.findDeadlock.INDIFY_Test Deadlocked threads are not always detected \+
JDK-8208623: [TESTBUG] runtime/LoadClass/LongBCP.java fails in AUFS file system
\+ JDK-8208699: remove unneeded imports from runtime tests \+ JDK-8208704:
runtime/appcds/MultiReleaseJars.java timed out often in hs-tier7 testing \+
JDK-8208705: [TESTBUG] The -Xlog:cds,cds+hashtables vm option is not always
required for appcds tests \+ JDK-8209549: remove VMPropsExt from TEST.ROOT \+
JDK-8209595: MonitorVmStartTerminate.java timed out \+ JDK-8209946: [TESTBUG]
CDS tests should use "@run driver" \+ JDK-8211438: [Testbug]
runtime/XCheckJniJsig/XCheckJSig.java looks for libjsig in wrong location \+
JDK-8211978: Move testlibrary/jdk/testlibrary/ /SimpleSSLContext.java and
testkeys to network testlibrary \+ JDK-8213622: Windows VS2013 build failure -
"'snprintf': identifier not found" \+ JDK-8213926:
WB_EnqueueInitializerForCompilation requests compilation for NULL \+
JDK-8213927: G1 ignores AlwaysPreTouch when UseTransparentHugePages is enabled
\+ JDK-8214908: add ctw tests for jdk.jfr and jdk.management.jfr modules \+
JDK-8214915: CtwRunner misses export for jdk.internal.access \+ JDK-8216408:
XMLStreamWriter setDefaultNamespace(null) throws NullPointerException \+
JDK-8217475: Unexpected StackOverflowError in "process reaper" thread \+
JDK-8218754: JDK-8068225 regression in JDIBreakpointTest \+ JDK-8219475: javap
man page needs to be updated \+ JDK-8219585: [TESTBUG]
sun/management/jmxremote/bootstrap/ /JMXInterfaceBindingTest.java passes
trivially when it shouldn't \+ JDK-8219612: [TESTBUG]
compiler.codecache.stress.Helper .TestCaseImpl can't be defined in different
runtime package as its nest host \+ JDK-8225471: Test utility
jdk.test.lib.util.FileUtils .areAllMountPointsAccessible needs to tolerate
duplicates \+ JDK-8226706: (se) Reduce the number of outer loop iterations on
Windows in java/nio/channels/Selector/RacyDeregister.java \+ JDK-8226905:
unproblem list applications/ctw/modules/ _tests on windows \+ JDK-8226910: make
it possible to use jtreg 's -match via run-test framework \+ JDK-8227438:
[TESTLIB] Determine if file exists by Files.exists in function
FileUtils.deleteFileIfExistsWithRetry \+ JDK-8231585:
java/lang/management/ThreadMXBean/ /MaxDepthForThreadInfoTest.java fails with
java.lang.NullPointerException \+ JDK-8232839: JDI AfterThreadDeathTest.java
failed due to "FAILED: Did not get expected IllegalThreadStateException on a
StepRequest.enable()" \+ JDK-8233453: MLVM deoptimize stress test timed out \+
JDK-8234309: LFGarbageCollectedTest.java fails with parse Exception \+
JDK-8237222: [macos] java/awt/Focus/UnaccessibleChoice/
/AccessibleChoiceTest.java fails \+ JDK-8237777: "Dumping core ..." is shown
despite claiming that "# No core dump will be written." \+ JDK-8237834:
com/sun/jndi/ldap/LdapDnsProviderTest.java failing with LDAP response read
timeout \+ JDK-8238274: (sctp) JDK-7118373 is not fixed for SctpChannel \+
JDK-8239801: [macos] java/awt/Focus/UnaccessibleChoice/
/AccessibleChoiceTest.java fails \+ JDK-8244679: JVM/TI
GetCurrentContendedMonitor/contmon001 failed due to "(IsSameObject#3) unexpected
monitor object: 0x000000562336DBA8" \+ JDK-8246222: Rename javac test
T6395981.java to be more informative \+ JDK-8247818: GCC 10 warning stringop-
overflow with symbol code \+ JDK-8249087: Always initialize _body[0..1] in
Symbol constructor \+ JDK-8251349: Add TestCaseImpl to
OverloadCompileQueueTest.java's build dependencies \+ JDK-8251904:
vmTestbase/nsk/sysdict/vm/stress/btree/btree010/ /btree010.java fails with
ClassNotFoundException: nsk.sysdict.share.BTree0LLRLRLRRLR \+ JDK-8253543:
sanity/client/SwingSet/src/ /ButtonDemoScreenshotTest.java failed with
"AssertionError: All pixels are not black" \+ JDK-8253739:
java/awt/image/MultiResolutionImage/ /MultiResolutionImageObserverTest.java
fails \+ JDK-8253820: Save test images and dumps with timestamps from client
sanity suite \+ JDK-8255277: randomDelay in DrainDeadlockT and LoggingDeadlock
do not randomly delay \+ JDK-8255546: Missing coverage for
javax.smartcardio.CardPermission and ResponseAPDU \+ JDK-8255743: Relax SIGFPE
match in in runtime/ErrorHandling/SecondaryErrorTest.java \+ JDK-8257505:
nsk/share/test/StressOptions stressTime is scaled in getter but not when printed
\+ JDK-8259801: Enable XML Signature secure validation mode by default \+
JDK-8264135: UnsafeGetStableArrayElement should account for different JIT
implementation details \+ JDK-8265349: vmTestbase/../stress/compiler/deoptimize/
/Test.java fails with OOME due to CodeCache exhaustion. \+ JDK-8269025:
jsig/Testjsig.java doesn't check exit code \+ JDK-8269077: TestSystemGC uses
"require vm.gc.G1" for large pages subtest \+ JDK-8271094:
runtime/duplAttributes/DuplAttributesTest.java doesn't check exit code \+
JDK-8271224: runtime/EnclosingMethodAttr/EnclMethodAttr.java doesn't check exit
code \+ JDK-8271828: mark hotspot runtime/classFileParserBug tests which ignore
external VM flags \+ JDK-8271829: mark hotspot runtime/Throwable tests which
ignore external VM flags \+ JDK-8271890: mark hotspot runtime/Dictionary tests
which ignore external VM flags \+ JDK-8272291: mark hotspot runtime/logging
tests which ignore external VM flags \+ JDK-8272335:
runtime/cds/appcds/MoveJDKTest.java doesn't check exit codes \+ JDK-8272551:
mark hotspot runtime/modules tests which ignore external VM flags \+
JDK-8272552: mark hotspot runtime/cds tests which ignore external VM flags \+
JDK-8273803: Zero: Handle "zero" variant in CommandLineOptionTest.java \+
JDK-8274122: java/io/File/createTempFile/SpecialTempFile.java fails in Windows
11 \+ JDK-8274621: NullPointerException because listenAddress[0] is null \+
JDK-8276796: gc/TestSystemGC.java large pages subtest fails with ZGC \+
JDK-8280007: Enable Neoverse N1 optimizations for Arm Neoverse V1 & N2 \+
JDK-8281149: (fs) java/nio/file/FileStore/Basic.java fails with
java.lang.RuntimeException: values differ by more than 1GB \+ JDK-8281377:
Remove vmTestbase/nsk/monitoring/ThreadMXBean/
/ThreadInfo/Deadlock/JavaDeadlock001/TestDescription.java from problemlist. \+
JDK-8281717: Cover logout method for several LoginModule \+ JDK-8282665: [REDO]
ByteBufferTest.java: replace endless recursion with RuntimeException in void
ck(double x, double y) \+ JDK-8284090:
com/sun/security/auth/module/AllPlatforms.java fails to compile \+ JDK-8285756:
clean up use of bad arguments for `@clean` in langtools tests \+ JDK-8285785:
CheckCleanerBound test fails with PasswordCallback object is not released \+
JDK-8285867: Convert applet manual tests SelectionVisible.java to Frame and
automate \+ JDK-8286846: test/jdk/javax/swing/plaf/aqua/
/CustomComboBoxFocusTest.java fails on mac aarch64 \+ JDK-8286969: Add a new
test library API to execute kinit in SecurityTools.java \+ JDK-8287113: JFR:
Periodic task thread uses period for method sampling events \+ JDK-8289511:
Improve test coverage for XPath Axes: child \+ JDK-8289764: gc/lock tests failed
with "OutOfMemoryError: Java heap space: failed reallocation of scalar replaced
objects" \+ JDK-8289948: Improve test coverage for XPath functions: Node Set
Functions \+ JDK-8290399: [macos] Aqua LAF does not fire an action event if
combo box menu is displayed \+ JDK-8290909:
MemoryPoolMBean/isUsageThresholdExceeded tests failed with
"isUsageThresholdExceeded() returned false, and is still false, while threshold
= MMMMMMM and used peak = NNNNNNN" \+ JDK-8292182: [TESTLIB] Enhance
JAXPPolicyManager to setup required permissions for jtreg version 7 jar \+
JDK-8292946: GC lock/jni/jnilock001 test failed "assert(gch->gc_cause() ==
GCCause::_scavenge_alot || !gch->incremental_collection_failed()) failed: Twice
in a row" \+ JDK-8293819: sun/util/logging/PlatformLoggerTest.java failed with
"RuntimeException: Retrieved backing PlatformLogger level null is not the
expected CONFIG" \+ JDK-8294158: HTML formatting for PassFailJFrame instructions
\+ JDK-8294254: [macOS] javax/swing/plaf/aqua/ /CustomComboBoxFocusTest.java
failure \+ JDK-8294402: Add diagnostic logging to VMProps.checkDockerSupport \+
JDK-8294535: Add screen capture functionality to PassFailJFrame \+ JDK-8296083:
javax/swing/JTree/6263446/bug6263446.java fails intermittently on a VM \+
JDK-8296384: [TESTBUG] sun/security/provider/SecureRandom/
/AbstractDrbg/SpecTest.java intermittently timeout \+ JDK-8299494: Test
vmTestbase/nsk/stress/except/except011.java failed: ExceptionInInitializerError:
target class not found \+ JDK-8300269: The selected item in an editable
JComboBox with titled border is not visible in Aqua LAF \+ JDK-8300727:
java/awt/List/ListGarbageCollectionTest/ /AwtListGarbageCollectionTest.java
failed with "List wasn't garbage collected" \+ JDK-8301310: The
SendRawSysexMessage test may cause a JVM crash \+ JDK-8301377: adjust timeout
for JLI GetObjectSizeIntrinsicsTest.java subtest again \+ JDK-8301846: Invalid
TargetDataLine after screen lock when using JFileChooser or COM library \+
JDK-8302017: Allocate BadPaddingException only if it will be thrown \+
JDK-8302109: Trivial fixes to btree tests \+ JDK-8302149: Speed up
compiler/jsr292/methodHandleExceptions/TestAMEnotNPE.java \+ JDK-8302607:
increase timeout for ContinuousCallSiteTargetChange.java \+ JDK-8304074: [JMX]
Add an approximation of total bytes allocated on the Java heap by the JVM \+
JDK-8304314: StackWalkTest.java fails after CODETOOLS-7903373 \+ JDK-8304725:
AsyncGetCallTrace can cause SIGBUS on M1 \+ JDK-8305502: adjust timeouts in
three more M&M tests \+ JDK-8305505: NPE in javazic compiler \+ JDK-8305972:
Update XML Security for Java to 3.0.2 \+ JDK-8306072: Open source several AWT
MouseInfo related tests \+ JDK-8306076: Open source AWT misc tests \+
JDK-8306409: Open source AWT KeyBoardFocusManger, LightWeightComponent related
tests \+ JDK-8306640: Open source several AWT TextArea related tests \+
JDK-8306652: Open source AWT MenuItem related tests \+ JDK-8306681: Open source
more AWT DnD related tests \+ JDK-8306683: Open source several clipboard and
color AWT tests \+ JDK-8306752: Open source several container and component AWT
tests \+ JDK-8306753: Open source several container AWT tests \+ JDK-8306755:
Open source few Swing JComponent and AbstractButton tests \+ JDK-8306812: Open
source several AWT Miscellaneous tests \+ JDK-8306871: Open source more AWT Drag
& Drop tests \+ JDK-8306996: Open source Swing MenuItem related tests \+
JDK-8307123: Fix deprecation warnings in DPrinter \+ JDK-8307130: Open source
few Swing JMenu tests \+ JDK-8307299: Move more DnD tests to open \+
JDK-8307311: Timeouts on one macOS 12.6.1 host of two Swing JTableHeader tests
\+ JDK-8307381: Open Source JFrame, JIF related Swing Tests \+ JDK-8307683: Loop
Predication should not hoist range checks with trap on success projection by
negating their condition \+ JDK-8308043: Deadlock in TestCSLocker.java due to
blocking GC while allocating \+ JDK-8308116:
jdk.test.lib.compiler.InMemoryJavaCompiler .compile does not close files \+
JDK-8308223: failure handler missed jcmd.vm.info command \+ JDK-8308232: nsk/jdb
tests don't pass -verbose flag to the debuggee \+ JDK-8308245: Add -proc:full to
describe current default annotation processing policy \+ JDK-8308336: Test
java/net/HttpURLConnection/ /HttpURLConnectionExpectContinueTest.java failed:
java.net.BindException: Address already in use \+ JDK-8309104: [JVMCI]
compiler/unsafe/ /UnsafeGetStableArrayElement test asserts wrong values with
Graal \+ JDK-8309119: [17u/11u] Redo JDK-8297951: C2: Create skeleton predicates
for all If nodes in loop predication \+ JDK-8309462: [AIX]
vmTestbase/nsk/jvmti/RunAgentThread/ /agentthr001/TestDescription.java crashing
due to empty while loop \+ JDK-8309778: java/nio/file/Files/CopyAndMove.java
fails when using second test directory \+ JDK-8309870: Using -proc:full should
be considered requesting explicit annotation processing \+ JDK-8310106:
sun.security.ssl.SSLHandshake .getHandshakeProducer() incorrectly checks
handshakeConsumers \+ JDK-8310238: [test bug] javax/swing/JTableHeader/6889007/
/bug6889007.java fails \+ JDK-8310551:
vmTestbase/nsk/jdb/interrupt/interrupt001/ /interrupt001.java timed out due to
missing prompt \+ JDK-8310807: java/nio/channels/DatagramChannel/Connect.java
timed out \+ JDK-8311081: KeytoolReaderP12Test.java fail on localized Windows
platform \+ JDK-8311511: Improve description of NativeLibrary JFR event \+
JDK-8311585: Add JRadioButtonMenuItem to bug8031573.java \+ JDK-8313081:
MonitoringSupport_lock should be unconditionally initialized after 8304074 \+
JDK-8313082: Enable CreateCoredumpOnCrash for testing in makefiles \+
JDK-8313164: src/java.desktop/windows/native/libawt/windows/ /awt_Robot.cpp
GetRGBPixels adjust releasing of resources \+ JDK-8313252:
Java_sun_awt_windows_ThemeReader_paintBackground release resources in early
returns \+ JDK-8313643: Update HarfBuzz to 8.2.2 \+ JDK-8313816: Accessing
jmethodID might lead to spurious crashes \+ JDK-8314144:
gc/g1/ihop/TestIHOPStatic.java fails due to extra concurrent mark with -Xcomp \+
JDK-8314164: java/net/HttpURLConnection/
/HttpURLConnectionExpectContinueTest.java fails intermittently in timeout \+
JDK-8314883: Java_java_util_prefs_FileSystemPreferences_lockFile0 write result
errno in missing case \+ JDK-8315034: File.mkdirs() occasionally fails to create
folders on Windows shared folder \+ JDK-8315042: NPE in PKCS7.parseOldSignedData
\+ JDK-8315415: OutputAnalyzer.shouldMatchByLine() fails in some cases \+
JDK-8315499: build using devkit on Linux ppc64le RHEL puts path to devkit into
libsplashscreen \+ JDK-8315594: Open source few headless Swing misc tests \+
JDK-8315600: Open source few more headless Swing misc tests \+ JDK-8315602: Open
source swing security manager test \+ JDK-8315606: Open source few swing
text/html tests \+ JDK-8315611: Open source swing text/html and tree test \+
JDK-8315680: java/lang/ref/ReachabilityFenceTest.java should run with -Xbatch \+
JDK-8315731: Open source several Swing Text related tests \+ JDK-8315761: Open
source few swing JList and JMenuBar tests \+ JDK-8315986: [macos14]
javax/swing/JMenuItem/4654927/ /bug4654927.java: component must be showing on
the screen to determine its location \+ JDK-8316001: GC: Make
TestArrayAllocatorMallocLimit use createTestJvm \+ JDK-8316028: Update FreeType
to 2.13.2 \+ JDK-8316030: Update Libpng to 1.6.40 \+ JDK-8316106: Open source
few swing JInternalFrame and JMenuBar tests \+ JDK-8316461: Fix: make test
outputs TEST SUCCESS after unsuccessful exit \+ JDK-8316947: Write a test to
check textArea triggers MouseEntered/MouseExited events properly \+ JDK-8317307:
test/jdk/com/sun/jndi/ldap/ /LdapPoolTimeoutTest.java fails with
ConnectException: Connection timed out: no further information \+ JDK-8317327:
Remove JT_JAVA dead code in jib-profiles.js \+ JDK-8318154: Improve stability of
WheelModifier.java test \+ JDK-8318410: jdk/java/lang/instrument/BootClassPath/
/BootClassPathTest.sh fails on Japanese Windows \+ JDK-8318468:
compiler/tiered/LevelTransitionTest.java fails with -XX:CompileThreshold=100
-XX:TieredStopAtLevel=1 \+ JDK-8318603: Parallelize
sun/java2d/marlin/ClipShapeTest.java \+ JDK-8318607: Enable parallelism in
vmTestbase/nsk/stress/jni tests \+ JDK-8318608: Enable parallelism in
vmTestbase/nsk/stress/threads tests \+ JDK-8318736:
com/sun/jdi/JdwpOnThrowTest.java failed with "transport error 202: bind failed:
Address already in use" \+ JDK-8318889: C2: add bailout after assert Bad graph
detected in build_loop_late \+ JDK-8318951: Additional negative value check in
JPEG decoding \+ JDK-8318955: Add ReleaseIntArrayElements in
Java_sun_awt_X11_XlibWrapper_SetBitmapShape XlbWrapper.c to early return \+
JDK-8318971: Better Error Handling for Jar Tool When Processing Non-existent
Files \+ JDK-8318983: Fix comment typo in PKCS12Passwd.java \+ JDK-8319124:
Update XML Security for Java to 3.0.3 \+ JDK-8319456:
jdk/jfr/event/gc/collection/ /TestGCCauseWith[Serial|Parallel].java : GC cause
'GCLocker Initiated GC' not in the valid causes \+ JDK-8319668: Fixup of jar
filename typo in BadFactoryTest.sh \+ JDK-8320001: javac crashes while adding
type annotations to the return type of a constructor \+ JDK-8320208: Update
Public Suffix List to b5bf572 \+ JDK-8320363: ppc64 TypeEntries::type_unknown
logic looks wrong, missed optimization opportunity \+ JDK-8320597: RSA signature
verification fails on signed data that does not encode params correctly \+
JDK-8320798: Console read line with zero out should zero out underlying buffer
\+ JDK-8320884: Bump update version for OpenJDK: jdk-11.0.23 \+ JDK-8320937:
support latest VS2022 MSC_VER in abstract_vm_version.cpp \+ JDK-8321151:
JDK-8294427 breaks Windows L&F on all older Windows versions \+ JDK-8321215:
Incorrect x86 instruction encoding for VSIB addressing mode \+ JDK-8321408: Add
Certainly roots R1 and E1 \+ JDK-8321480: ISO 4217 Amendment 176 Update \+
JDK-8322178: Error. can't find jdk.testlibrary .SimpleSSLContext in test
directory or libraries \+ JDK-8322417: Console read line with zero out should
zero out when throwing exception \+ JDK-8322725: (tz) Update Timezone Data to
2023d \+ JDK-8322750: Test "api/java_awt/interactive/ /SystemTrayTests.html"
failed because A blue ball icon is added outside of the system tray \+
JDK-8322752: [11u] GetStackTraceAndRetransformTest.java is failing assert \+
JDK-8322772: Clean up code after JDK-8322417 \+ JDK-8323008: filter out harmful
-std_ flags added by autoconf from CXX \+ JDK-8323243: JNI invocation of an
abstract instance method corrupts the stack \+ JDK-8323515: Create test alias
"all" for all test roots \+ JDK-8323640: [TESTBUG]testMemoryFailCount in
jdk/internal/ /platform/docker/TestDockerMemoryMetrics.java always fail because
OOM killed \+ JDK-8324184: Windows VS2010 build failed with "error C2275:
'int64_t'" \+ JDK-8324307: [11u] hotspot fails to build with GCC 12 and newer
(non-static data member initializers) \+ JDK-8324347: Enable "maybe-
uninitialized" warning for FreeType 2.13.1 \+ JDK-8324659: GHA: Generic jtreg
errors are not reported \+ JDK-8325096: Test
java/security/cert/CertPathBuilder/akiExt/ /AKISerialNumber.java is failing \+
JDK-8325150: (tz) Update Timezone Data to 2024a \+ JDK-8326109: GCC 13 reports
maybe-uninitialized warnings for jni.cpp with dtrace enabled \+ JDK-8326503:
[11u] java/net/HttpURLConnection/ /HttpURLConnectionExpectContinueTest.java fail
because of package org.junit.jupiter.api does not exist \+ JDK-8327391: Add
SipHash attribution file \+ JDK-8329837: [11u] Remove designator
DEFAULT_PROMOTED_VERSION_PRE=ea for release 11.0.23

* Removed the possibility to use the system timezone-java (bsc#1213470)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2024-1498=1

* Legacy Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Legacy-15-SP6-2024-1498=1

* SUSE Package Hub 15 15-SP6
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-1498=1

## Package List:

* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
* java-11-openjdk-headless-11.0.23.0-150000.3.113.1
* java-11-openjdk-devel-11.0.23.0-150000.3.113.1
* java-11-openjdk-devel-debuginfo-11.0.23.0-150000.3.113.1
* java-11-openjdk-debuginfo-11.0.23.0-150000.3.113.1
* java-11-openjdk-headless-debuginfo-11.0.23.0-150000.3.113.1
* java-11-openjdk-demo-11.0.23.0-150000.3.113.1
* java-11-openjdk-debugsource-11.0.23.0-150000.3.113.1
* java-11-openjdk-src-11.0.23.0-150000.3.113.1
* java-11-openjdk-11.0.23.0-150000.3.113.1
* java-11-openjdk-jmods-11.0.23.0-150000.3.113.1
* openSUSE Leap 15.6 (noarch)
* java-11-openjdk-javadoc-11.0.23.0-150000.3.113.1
* Legacy Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* java-11-openjdk-headless-11.0.23.0-150000.3.113.1
* java-11-openjdk-devel-11.0.23.0-150000.3.113.1
* java-11-openjdk-devel-debuginfo-11.0.23.0-150000.3.113.1
* java-11-openjdk-debuginfo-11.0.23.0-150000.3.113.1
* java-11-openjdk-headless-debuginfo-11.0.23.0-150000.3.113.1
* java-11-openjdk-demo-11.0.23.0-150000.3.113.1
* java-11-openjdk-debugsource-11.0.23.0-150000.3.113.1
* java-11-openjdk-11.0.23.0-150000.3.113.1
* SUSE Package Hub 15 15-SP6 (noarch)
* java-11-openjdk-javadoc-11.0.23.0-150000.3.113.1

## References:

* https://www.suse.com/security/cve/CVE-2024-21011.html
* https://www.suse.com/security/cve/CVE-2024-21012.html
* https://www.suse.com/security/cve/CVE-2024-21068.html
* https://www.suse.com/security/cve/CVE-2024-21085.html
* https://www.suse.com/security/cve/CVE-2024-21094.html
* https://bugzilla.suse.com/show_bug.cgi?id=1213470
* https://bugzilla.suse.com/show_bug.cgi?id=1222979
* https://bugzilla.suse.com/show_bug.cgi?id=1222983
* https://bugzilla.suse.com/show_bug.cgi?id=1222984
* https://bugzilla.suse.com/show_bug.cgi?id=1222986
* https://bugzilla.suse.com/show_bug.cgi?id=1222987



SUSE-SU-2024:1865-1: moderate: Security update for wireshark


# Security update for wireshark

Announcement ID: SUSE-SU-2024:1865-1
Rating: moderate
References:

* bsc#1224259
* bsc#1224274
* bsc#1224276

Cross-References:

* CVE-2024-4853
* CVE-2024-4854
* CVE-2024-4855

CVSS scores:

* CVE-2024-4853 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2024-4854 ( SUSE ): 5.7 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2024-4855 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L

Affected Products:

* Basesystem Module 15-SP5
* Basesystem Module 15-SP6
* Desktop Applications Module 15-SP5
* openSUSE Leap 15.5
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves three vulnerabilities can now be installed.

## Description:

This update for wireshark fixes the following issues:

Update to version 3.6.22:

* CVE-2024-4854: MONGO and ZigBee TLV dissector infinite loops (bsc#1224274)
* CVE-2024-4853: The editcap command line utility could crash when chopping
bytes from the beginning of a packet (bsc#1224259)
* CVE-2024-4855: The editcap command line utility could crash when injecting
secrets while writing multiple files (bsc#1224276)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* Desktop Applications Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP5-2024-1865=1

* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2024-1865=1

* Basesystem Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-1865=1

* Basesystem Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-1865=1

## Package List:

* Desktop Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64)
* wireshark-debuginfo-3.6.23-150000.3.115.1
* wireshark-ui-qt-3.6.23-150000.3.115.1
* wireshark-debugsource-3.6.23-150000.3.115.1
* wireshark-ui-qt-debuginfo-3.6.23-150000.3.115.1
* wireshark-devel-3.6.23-150000.3.115.1
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
* libwsutil13-debuginfo-3.6.23-150000.3.115.1
* wireshark-debuginfo-3.6.23-150000.3.115.1
* libwiretap12-3.6.23-150000.3.115.1
* wireshark-3.6.23-150000.3.115.1
* libwireshark15-3.6.23-150000.3.115.1
* libwiretap12-debuginfo-3.6.23-150000.3.115.1
* wireshark-ui-qt-3.6.23-150000.3.115.1
* wireshark-debugsource-3.6.23-150000.3.115.1
* wireshark-ui-qt-debuginfo-3.6.23-150000.3.115.1
* libwsutil13-3.6.23-150000.3.115.1
* libwireshark15-debuginfo-3.6.23-150000.3.115.1
* wireshark-devel-3.6.23-150000.3.115.1
* Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64)
* libwsutil13-debuginfo-3.6.23-150000.3.115.1
* wireshark-debuginfo-3.6.23-150000.3.115.1
* libwiretap12-3.6.23-150000.3.115.1
* wireshark-3.6.23-150000.3.115.1
* libwireshark15-3.6.23-150000.3.115.1
* libwiretap12-debuginfo-3.6.23-150000.3.115.1
* wireshark-debugsource-3.6.23-150000.3.115.1
* libwsutil13-3.6.23-150000.3.115.1
* libwireshark15-debuginfo-3.6.23-150000.3.115.1
* Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* wireshark-debugsource-3.6.23-150000.3.115.1
* wireshark-debuginfo-3.6.23-150000.3.115.1

## References:

* https://www.suse.com/security/cve/CVE-2024-4853.html
* https://www.suse.com/security/cve/CVE-2024-4854.html
* https://www.suse.com/security/cve/CVE-2024-4855.html
* https://bugzilla.suse.com/show_bug.cgi?id=1224259
* https://bugzilla.suse.com/show_bug.cgi?id=1224274
* https://bugzilla.suse.com/show_bug.cgi?id=1224276



SUSE-SU-2024:1866-1: moderate: Security update for python-aiohttp


# Security update for python-aiohttp

Announcement ID: SUSE-SU-2024:1866-1
Rating: moderate
References:

* bsc#1223098

Cross-References:

* CVE-2024-27306

CVSS scores:

* CVE-2024-27306 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Affected Products:

* openSUSE Leap 15.4
* openSUSE Leap 15.5
* openSUSE Leap 15.6
* Public Cloud Module 15-SP4
* Python 3 Module 15-SP5
* Python 3 Module 15-SP6
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3

An update that solves one vulnerability can now be installed.

## Description:

This update for python-aiohttp fixes the following issues:

* CVE-2024-27306: Fixed XSS on index pages for static file handling
(bsc#1223098)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
zypper in -t patch SUSE-2024-1866=1

* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2024-1866=1

* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2024-1866=1

* Public Cloud Module 15-SP4
zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2024-1866=1

* Python 3 Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Python3-15-SP5-2024-1866=1

* Python 3 Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Python3-15-SP6-2024-1866=1

## Package List:

* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
* python311-aiohttp-debuginfo-3.9.3-150400.10.21.1
* python-aiohttp-debugsource-3.9.3-150400.10.21.1
* python311-aiohttp-3.9.3-150400.10.21.1
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
* python311-aiohttp-debuginfo-3.9.3-150400.10.21.1
* python-aiohttp-debugsource-3.9.3-150400.10.21.1
* python311-aiohttp-3.9.3-150400.10.21.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
* python311-aiohttp-debuginfo-3.9.3-150400.10.21.1
* python-aiohttp-debugsource-3.9.3-150400.10.21.1
* python311-aiohttp-3.9.3-150400.10.21.1
* Public Cloud Module 15-SP4 (aarch64 ppc64le s390x x86_64)
* python311-aiohttp-3.9.3-150400.10.21.1
* Python 3 Module 15-SP5 (aarch64 ppc64le s390x x86_64)
* python311-aiohttp-debuginfo-3.9.3-150400.10.21.1
* python-aiohttp-debugsource-3.9.3-150400.10.21.1
* python311-aiohttp-3.9.3-150400.10.21.1
* Python 3 Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* python311-aiohttp-debuginfo-3.9.3-150400.10.21.1
* python-aiohttp-debugsource-3.9.3-150400.10.21.1
* python311-aiohttp-3.9.3-150400.10.21.1

## References:

* https://www.suse.com/security/cve/CVE-2024-27306.html
* https://bugzilla.suse.com/show_bug.cgi?id=1223098



SUSE-SU-2024:1863-1: moderate: Security update for python-Jinja2


# Security update for python-Jinja2

Announcement ID: SUSE-SU-2024:1863-1
Rating: moderate
References:

* bsc#1218722
* bsc#1223980

Cross-References:

* CVE-2024-22195
* CVE-2024-34064

CVSS scores:

* CVE-2024-22195 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
* CVE-2024-22195 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
* CVE-2024-34064 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Affected Products:

* Basesystem Module 15-SP5
* Basesystem Module 15-SP6
* openSUSE Leap 15.5
* openSUSE Leap Micro 5.3
* openSUSE Leap Micro 5.4
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Micro 5.1
* SUSE Linux Enterprise Micro 5.2
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Micro for Rancher 5.2
* SUSE Linux Enterprise Micro for Rancher 5.3
* SUSE Linux Enterprise Micro for Rancher 5.4
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves two vulnerabilities can now be installed.

## Description:

This update for python-Jinja2 fixes the following issues:

* Fixed HTML attribute injection when passing user input as keys to xmlattr
filter (CVE-2024-34064, bsc#1223980, CVE-2024-22195, bsc#1218722)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap Micro 5.3
zypper in -t patch openSUSE-Leap-Micro-5.3-2024-1863=1

* openSUSE Leap Micro 5.4
zypper in -t patch openSUSE-Leap-Micro-5.4-2024-1863=1

* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2024-1863=1

* SUSE Linux Enterprise Micro for Rancher 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2024-1863=1

* SUSE Linux Enterprise Micro 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2024-1863=1

* SUSE Linux Enterprise Micro for Rancher 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2024-1863=1

* SUSE Linux Enterprise Micro 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2024-1863=1

* SUSE Linux Enterprise Micro 5.5
zypper in -t patch SUSE-SLE-Micro-5.5-2024-1863=1

* Basesystem Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-1863=1

* Basesystem Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-1863=1

* SUSE Linux Enterprise Micro 5.1
zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-1863=1

* SUSE Linux Enterprise Micro 5.2
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-1863=1

* SUSE Linux Enterprise Micro for Rancher 5.2
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-1863=1

## Package List:

* openSUSE Leap Micro 5.3 (noarch)
* python3-Jinja2-2.10.1-150000.3.13.1
* openSUSE Leap Micro 5.4 (noarch)
* python3-Jinja2-2.10.1-150000.3.13.1
* openSUSE Leap 15.5 (noarch)
* python-Jinja2-emacs-2.10.1-150000.3.13.1
* python-Jinja2-vim-2.10.1-150000.3.13.1
* python3-Jinja2-2.10.1-150000.3.13.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (noarch)
* python3-Jinja2-2.10.1-150000.3.13.1
* SUSE Linux Enterprise Micro 5.3 (noarch)
* python3-Jinja2-2.10.1-150000.3.13.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (noarch)
* python3-Jinja2-2.10.1-150000.3.13.1
* SUSE Linux Enterprise Micro 5.4 (noarch)
* python3-Jinja2-2.10.1-150000.3.13.1
* SUSE Linux Enterprise Micro 5.5 (noarch)
* python3-Jinja2-2.10.1-150000.3.13.1
* Basesystem Module 15-SP5 (noarch)
* python3-Jinja2-2.10.1-150000.3.13.1
* Basesystem Module 15-SP6 (noarch)
* python3-Jinja2-2.10.1-150000.3.13.1
* SUSE Linux Enterprise Micro 5.1 (noarch)
* python3-Jinja2-2.10.1-150000.3.13.1
* SUSE Linux Enterprise Micro 5.2 (noarch)
* python3-Jinja2-2.10.1-150000.3.13.1
* SUSE Linux Enterprise Micro for Rancher 5.2 (noarch)
* python3-Jinja2-2.10.1-150000.3.13.1

## References:

* https://www.suse.com/security/cve/CVE-2024-22195.html
* https://www.suse.com/security/cve/CVE-2024-34064.html
* https://bugzilla.suse.com/show_bug.cgi?id=1218722
* https://bugzilla.suse.com/show_bug.cgi?id=1223980



SUSE-SU-2024:1867-1: moderate: Security update for fwupdate


# Security update for fwupdate

Announcement ID: SUSE-SU-2024:1867-1
Rating: moderate
References:

* bsc#1209188
* bsc#1221301

Affected Products:

* Basesystem Module 15-SP5
* Basesystem Module 15-SP6
* openSUSE Leap 15.5
* openSUSE Leap 15.6
* SUSE Enterprise Storage 7
* SUSE Enterprise Storage 7.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise High Performance Computing 15 SP2
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP2
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP2
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3

An update that has two security fixes can now be installed.

## Description:

This update of fwupdate fixes the following issues:

* rebuild the package with the new secure boot key (bsc#1209188).
* Update the email address of security team in SBAT (bsc#1221301)
* elf_aarch64_efi.lds: set the memory permission explicitly to avoid ld
warning like "LOAD segment with RWX permissions"

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2024-1867=1

* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2024-1867=1

* SUSE Linux Enterprise Micro 5.5
zypper in -t patch SUSE-SLE-Micro-5.5-2024-1867=1

* Basesystem Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-1867=1

* Basesystem Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-1867=1

* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-1867=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-1867=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-1867=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-1867=1

* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-1867=1

* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-1867=1

* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-1867=1

* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-1867=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP2
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-1867=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP3
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-1867=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP4
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-1867=1

* SUSE Manager Proxy 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-1867=1

* SUSE Manager Retail Branch Server 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-2024-1867=1

* SUSE Manager Server 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-1867=1

* SUSE Enterprise Storage 7.1
zypper in -t patch SUSE-Storage-7.1-2024-1867=1

* SUSE Enterprise Storage 7
zypper in -t patch SUSE-Storage-7-2024-1867=1

## Package List:

* openSUSE Leap 15.5 (aarch64 x86_64)
* fwupdate-12-150100.11.15.2
* libfwup1-debuginfo-12-150100.11.15.2
* fwupdate-efi-12-150100.11.15.2
* fwupdate-debuginfo-12-150100.11.15.2
* fwupdate-debugsource-12-150100.11.15.2
* fwupdate-efi-debuginfo-12-150100.11.15.2
* libfwup1-12-150100.11.15.2
* fwupdate-devel-12-150100.11.15.2
* openSUSE Leap 15.6 (aarch64 x86_64)
* fwupdate-12-150100.11.15.2
* libfwup1-debuginfo-12-150100.11.15.2
* fwupdate-efi-12-150100.11.15.2
* fwupdate-debuginfo-12-150100.11.15.2
* fwupdate-debugsource-12-150100.11.15.2
* fwupdate-efi-debuginfo-12-150100.11.15.2
* libfwup1-12-150100.11.15.2
* fwupdate-devel-12-150100.11.15.2
* SUSE Linux Enterprise Micro 5.5 (x86_64)
* fwupdate-12-150100.11.15.2
* libfwup1-debuginfo-12-150100.11.15.2
* fwupdate-efi-12-150100.11.15.2
* fwupdate-debuginfo-12-150100.11.15.2
* fwupdate-debugsource-12-150100.11.15.2
* fwupdate-efi-debuginfo-12-150100.11.15.2
* libfwup1-12-150100.11.15.2
* Basesystem Module 15-SP5 (aarch64 x86_64)
* fwupdate-12-150100.11.15.2
* libfwup1-debuginfo-12-150100.11.15.2
* fwupdate-efi-12-150100.11.15.2
* fwupdate-debuginfo-12-150100.11.15.2
* fwupdate-debugsource-12-150100.11.15.2
* fwupdate-efi-debuginfo-12-150100.11.15.2
* libfwup1-12-150100.11.15.2
* fwupdate-devel-12-150100.11.15.2
* Basesystem Module 15-SP6 (aarch64 x86_64)
* fwupdate-12-150100.11.15.2
* libfwup1-debuginfo-12-150100.11.15.2
* fwupdate-efi-12-150100.11.15.2
* fwupdate-debuginfo-12-150100.11.15.2
* fwupdate-debugsource-12-150100.11.15.2
* fwupdate-efi-debuginfo-12-150100.11.15.2
* libfwup1-12-150100.11.15.2
* fwupdate-devel-12-150100.11.15.2
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64
x86_64)
* fwupdate-12-150100.11.15.2
* libfwup1-debuginfo-12-150100.11.15.2
* fwupdate-efi-12-150100.11.15.2
* fwupdate-debuginfo-12-150100.11.15.2
* fwupdate-debugsource-12-150100.11.15.2
* fwupdate-efi-debuginfo-12-150100.11.15.2
* libfwup1-12-150100.11.15.2
* fwupdate-devel-12-150100.11.15.2
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
x86_64)
* fwupdate-12-150100.11.15.2
* libfwup1-debuginfo-12-150100.11.15.2
* fwupdate-efi-12-150100.11.15.2
* fwupdate-debuginfo-12-150100.11.15.2
* fwupdate-debugsource-12-150100.11.15.2
* fwupdate-efi-debuginfo-12-150100.11.15.2
* libfwup1-12-150100.11.15.2
* fwupdate-devel-12-150100.11.15.2
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
x86_64)
* fwupdate-12-150100.11.15.2
* libfwup1-debuginfo-12-150100.11.15.2
* fwupdate-efi-12-150100.11.15.2
* fwupdate-debuginfo-12-150100.11.15.2
* fwupdate-debugsource-12-150100.11.15.2
* fwupdate-efi-debuginfo-12-150100.11.15.2
* libfwup1-12-150100.11.15.2
* fwupdate-devel-12-150100.11.15.2
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
x86_64)
* fwupdate-12-150100.11.15.2
* libfwup1-debuginfo-12-150100.11.15.2
* fwupdate-efi-12-150100.11.15.2
* fwupdate-debuginfo-12-150100.11.15.2
* fwupdate-debugsource-12-150100.11.15.2
* fwupdate-efi-debuginfo-12-150100.11.15.2
* libfwup1-12-150100.11.15.2
* fwupdate-devel-12-150100.11.15.2
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64)
* fwupdate-12-150100.11.15.2
* libfwup1-debuginfo-12-150100.11.15.2
* fwupdate-efi-12-150100.11.15.2
* fwupdate-debuginfo-12-150100.11.15.2
* fwupdate-debugsource-12-150100.11.15.2
* fwupdate-efi-debuginfo-12-150100.11.15.2
* libfwup1-12-150100.11.15.2
* fwupdate-devel-12-150100.11.15.2
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 x86_64)
* fwupdate-12-150100.11.15.2
* libfwup1-debuginfo-12-150100.11.15.2
* fwupdate-efi-12-150100.11.15.2
* fwupdate-debuginfo-12-150100.11.15.2
* fwupdate-debugsource-12-150100.11.15.2
* fwupdate-efi-debuginfo-12-150100.11.15.2
* libfwup1-12-150100.11.15.2
* fwupdate-devel-12-150100.11.15.2
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 x86_64)
* fwupdate-12-150100.11.15.2
* libfwup1-debuginfo-12-150100.11.15.2
* fwupdate-efi-12-150100.11.15.2
* fwupdate-debuginfo-12-150100.11.15.2
* fwupdate-debugsource-12-150100.11.15.2
* fwupdate-efi-debuginfo-12-150100.11.15.2
* libfwup1-12-150100.11.15.2
* fwupdate-devel-12-150100.11.15.2
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 x86_64)
* fwupdate-12-150100.11.15.2
* libfwup1-debuginfo-12-150100.11.15.2
* fwupdate-efi-12-150100.11.15.2
* fwupdate-debuginfo-12-150100.11.15.2
* fwupdate-debugsource-12-150100.11.15.2
* fwupdate-efi-debuginfo-12-150100.11.15.2
* libfwup1-12-150100.11.15.2
* fwupdate-devel-12-150100.11.15.2
* SUSE Linux Enterprise Server for SAP Applications 15 SP2 (x86_64)
* fwupdate-12-150100.11.15.2
* libfwup1-debuginfo-12-150100.11.15.2
* fwupdate-efi-12-150100.11.15.2
* fwupdate-debuginfo-12-150100.11.15.2
* fwupdate-debugsource-12-150100.11.15.2
* fwupdate-efi-debuginfo-12-150100.11.15.2
* libfwup1-12-150100.11.15.2
* fwupdate-devel-12-150100.11.15.2
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (x86_64)
* fwupdate-12-150100.11.15.2
* libfwup1-debuginfo-12-150100.11.15.2
* fwupdate-efi-12-150100.11.15.2
* fwupdate-debuginfo-12-150100.11.15.2
* fwupdate-debugsource-12-150100.11.15.2
* fwupdate-efi-debuginfo-12-150100.11.15.2
* libfwup1-12-150100.11.15.2
* fwupdate-devel-12-150100.11.15.2
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64)
* fwupdate-12-150100.11.15.2
* libfwup1-debuginfo-12-150100.11.15.2
* fwupdate-efi-12-150100.11.15.2
* fwupdate-debuginfo-12-150100.11.15.2
* fwupdate-debugsource-12-150100.11.15.2
* fwupdate-efi-debuginfo-12-150100.11.15.2
* libfwup1-12-150100.11.15.2
* fwupdate-devel-12-150100.11.15.2
* SUSE Manager Proxy 4.3 (x86_64)
* fwupdate-12-150100.11.15.2
* libfwup1-debuginfo-12-150100.11.15.2
* fwupdate-efi-12-150100.11.15.2
* fwupdate-debuginfo-12-150100.11.15.2
* fwupdate-debugsource-12-150100.11.15.2
* fwupdate-efi-debuginfo-12-150100.11.15.2
* libfwup1-12-150100.11.15.2
* fwupdate-devel-12-150100.11.15.2
* SUSE Manager Retail Branch Server 4.3 (x86_64)
* fwupdate-12-150100.11.15.2
* libfwup1-debuginfo-12-150100.11.15.2
* fwupdate-efi-12-150100.11.15.2
* fwupdate-debuginfo-12-150100.11.15.2
* fwupdate-debugsource-12-150100.11.15.2
* fwupdate-efi-debuginfo-12-150100.11.15.2
* libfwup1-12-150100.11.15.2
* fwupdate-devel-12-150100.11.15.2
* SUSE Manager Server 4.3 (x86_64)
* fwupdate-12-150100.11.15.2
* libfwup1-debuginfo-12-150100.11.15.2
* fwupdate-efi-12-150100.11.15.2
* fwupdate-debuginfo-12-150100.11.15.2
* fwupdate-debugsource-12-150100.11.15.2
* fwupdate-efi-debuginfo-12-150100.11.15.2
* libfwup1-12-150100.11.15.2
* fwupdate-devel-12-150100.11.15.2
* SUSE Enterprise Storage 7.1 (aarch64 x86_64)
* fwupdate-12-150100.11.15.2
* libfwup1-debuginfo-12-150100.11.15.2
* fwupdate-efi-12-150100.11.15.2
* fwupdate-debuginfo-12-150100.11.15.2
* fwupdate-debugsource-12-150100.11.15.2
* fwupdate-efi-debuginfo-12-150100.11.15.2
* libfwup1-12-150100.11.15.2
* fwupdate-devel-12-150100.11.15.2
* SUSE Enterprise Storage 7 (aarch64 x86_64)
* fwupdate-12-150100.11.15.2
* libfwup1-debuginfo-12-150100.11.15.2
* fwupdate-efi-12-150100.11.15.2
* fwupdate-debuginfo-12-150100.11.15.2
* fwupdate-debugsource-12-150100.11.15.2
* fwupdate-efi-debuginfo-12-150100.11.15.2
* libfwup1-12-150100.11.15.2
* fwupdate-devel-12-150100.11.15.2

## References:

* https://bugzilla.suse.com/show_bug.cgi?id=1209188
* https://bugzilla.suse.com/show_bug.cgi?id=1221301



SUSE-SU-2024:2186-1: important: Security update for gnome-settings-daemon


# Security update for gnome-settings-daemon

Announcement ID: SUSE-SU-2024:2186-1
Rating: important
References:

* bsc#1226423

Cross-References:

* CVE-2024-38394

CVSS scores:

* CVE-2024-38394 ( SUSE ): 6.8 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* Desktop Applications Module 15-SP6
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves one vulnerability can now be installed.

## Description:

This update for gnome-settings-daemon fixes the following issues:

* CVE-2024-38394: Fixed mismatches in interpreting USB authorization policy
(bsc#1226423).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2024-2186=1 SUSE-2024-2186=1

* Desktop Applications Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2024-2186=1

## Package List:

* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
* gnome-settings-daemon-debugsource-45.1-150600.3.3.1
* gnome-settings-daemon-debuginfo-45.1-150600.3.3.1
* gnome-settings-daemon-45.1-150600.3.3.1
* gnome-settings-daemon-devel-45.1-150600.3.3.1
* openSUSE Leap 15.6 (noarch)
* gnome-settings-daemon-lang-45.1-150600.3.3.1
* Desktop Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* gnome-settings-daemon-debugsource-45.1-150600.3.3.1
* gnome-settings-daemon-debuginfo-45.1-150600.3.3.1
* gnome-settings-daemon-45.1-150600.3.3.1
* gnome-settings-daemon-devel-45.1-150600.3.3.1
* Desktop Applications Module 15-SP6 (noarch)
* gnome-settings-daemon-lang-45.1-150600.3.3.1

## References:

* https://www.suse.com/security/cve/CVE-2024-38394.html
* https://bugzilla.suse.com/show_bug.cgi?id=1226423



SUSE-SU-2024:2203-1: important: Security update for the Linux Kernel


# Security update for the Linux Kernel

Announcement ID: SUSE-SU-2024:2203-1
Rating: important
References:

* bsc#1012628
* bsc#1065729
* bsc#1181674
* bsc#1187716
* bsc#1193599
* bsc#1194869
* bsc#1207948
* bsc#1208593
* bsc#1209657
* bsc#1213573
* bsc#1214852
* bsc#1215199
* bsc#1216196
* bsc#1216358
* bsc#1216702
* bsc#1217169
* bsc#1217384
* bsc#1217408
* bsc#1217489
* bsc#1217750
* bsc#1217959
* bsc#1218205
* bsc#1218336
* bsc#1218447
* bsc#1218779
* bsc#1218917
* bsc#1219104
* bsc#1219170
* bsc#1219596
* bsc#1219623
* bsc#1219834
* bsc#1220021
* bsc#1220045
* bsc#1220120
* bsc#1220148
* bsc#1220328
* bsc#1220342
* bsc#1220428
* bsc#1220430
* bsc#1220569
* bsc#1220587
* bsc#1220783
* bsc#1220915
* bsc#1221044
* bsc#1221293
* bsc#1221303
* bsc#1221504
* bsc#1221612
* bsc#1221615
* bsc#1221635
* bsc#1221645
* bsc#1221649
* bsc#1221765
* bsc#1221777
* bsc#1221783
* bsc#1221816
* bsc#1221829
* bsc#1221830
* bsc#1221858
* bsc#1222048
* bsc#1222173
* bsc#1222264
* bsc#1222273
* bsc#1222294
* bsc#1222301
* bsc#1222303
* bsc#1222304
* bsc#1222307
* bsc#1222357
* bsc#1222366
* bsc#1222368
* bsc#1222371
* bsc#1222378
* bsc#1222385
* bsc#1222422
* bsc#1222426
* bsc#1222428
* bsc#1222437
* bsc#1222445
* bsc#1222459
* bsc#1222464
* bsc#1222489
* bsc#1222522
* bsc#1222525
* bsc#1222532
* bsc#1222557
* bsc#1222559
* bsc#1222563
* bsc#1222585
* bsc#1222596
* bsc#1222606
* bsc#1222608
* bsc#1222613
* bsc#1222615
* bsc#1222618
* bsc#1222622
* bsc#1222624
* bsc#1222627
* bsc#1222630
* bsc#1222635
* bsc#1222721
* bsc#1222727
* bsc#1222769
* bsc#1222771
* bsc#1222775
* bsc#1222777
* bsc#1222780
* bsc#1222782
* bsc#1222793
* bsc#1222799
* bsc#1222801
* bsc#1222968
* bsc#1223007
* bsc#1223011
* bsc#1223015
* bsc#1223020
* bsc#1223023
* bsc#1223024
* bsc#1223033
* bsc#1223034
* bsc#1223035
* bsc#1223038
* bsc#1223039
* bsc#1223041
* bsc#1223045
* bsc#1223046
* bsc#1223051
* bsc#1223052
* bsc#1223058
* bsc#1223060
* bsc#1223061
* bsc#1223076
* bsc#1223077
* bsc#1223111
* bsc#1223113
* bsc#1223138
* bsc#1223143
* bsc#1223187
* bsc#1223189
* bsc#1223190
* bsc#1223191
* bsc#1223198
* bsc#1223202
* bsc#1223285
* bsc#1223315
* bsc#1223338
* bsc#1223369
* bsc#1223380
* bsc#1223384
* bsc#1223390
* bsc#1223439
* bsc#1223462
* bsc#1223532
* bsc#1223539
* bsc#1223575
* bsc#1223590
* bsc#1223591
* bsc#1223592
* bsc#1223593
* bsc#1223625
* bsc#1223629
* bsc#1223633
* bsc#1223634
* bsc#1223637
* bsc#1223641
* bsc#1223643
* bsc#1223649
* bsc#1223650
* bsc#1223651
* bsc#1223652
* bsc#1223653
* bsc#1223654
* bsc#1223655
* bsc#1223660
* bsc#1223661
* bsc#1223664
* bsc#1223665
* bsc#1223666
* bsc#1223668
* bsc#1223669
* bsc#1223670
* bsc#1223671
* bsc#1223675
* bsc#1223677
* bsc#1223678
* bsc#1223686
* bsc#1223692
* bsc#1223693
* bsc#1223695
* bsc#1223696
* bsc#1223698
* bsc#1223705
* bsc#1223712
* bsc#1223718
* bsc#1223728
* bsc#1223732
* bsc#1223735
* bsc#1223739
* bsc#1223741
* bsc#1223744
* bsc#1223745
* bsc#1223747
* bsc#1223748
* bsc#1223749
* bsc#1223750
* bsc#1223752
* bsc#1223754
* bsc#1223757
* bsc#1223759
* bsc#1223761
* bsc#1223762
* bsc#1223774
* bsc#1223782
* bsc#1223787
* bsc#1223788
* bsc#1223789
* bsc#1223790
* bsc#1223802
* bsc#1223805
* bsc#1223810
* bsc#1223822
* bsc#1223827
* bsc#1223831
* bsc#1223834
* bsc#1223838
* bsc#1223869
* bsc#1223870
* bsc#1223871
* bsc#1223872
* bsc#1223874
* bsc#1223944
* bsc#1223945
* bsc#1223946
* bsc#1223991
* bsc#1224076
* bsc#1224096
* bsc#1224098
* bsc#1224099
* bsc#1224137
* bsc#1224166
* bsc#1224174
* bsc#1224177
* bsc#1224180
* bsc#1224181
* bsc#1224331
* bsc#1224423
* bsc#1224429
* bsc#1224430
* bsc#1224432
* bsc#1224433
* bsc#1224437
* bsc#1224438
* bsc#1224442
* bsc#1224443
* bsc#1224445
* bsc#1224449
* bsc#1224477
* bsc#1224479
* bsc#1224480
* bsc#1224481
* bsc#1224482
* bsc#1224486
* bsc#1224487
* bsc#1224488
* bsc#1224491
* bsc#1224492
* bsc#1224493
* bsc#1224494
* bsc#1224495
* bsc#1224500
* bsc#1224501
* bsc#1224502
* bsc#1224504
* bsc#1224505
* bsc#1224506
* bsc#1224507
* bsc#1224508
* bsc#1224509
* bsc#1224511
* bsc#1224513
* bsc#1224517
* bsc#1224519
* bsc#1224521
* bsc#1224524
* bsc#1224525
* bsc#1224526
* bsc#1224530
* bsc#1224531
* bsc#1224534
* bsc#1224537
* bsc#1224541
* bsc#1224542
* bsc#1224543
* bsc#1224546
* bsc#1224550
* bsc#1224552
* bsc#1224553
* bsc#1224555
* bsc#1224557
* bsc#1224558
* bsc#1224559
* bsc#1224562
* bsc#1224565
* bsc#1224566
* bsc#1224567
* bsc#1224568
* bsc#1224569
* bsc#1224571
* bsc#1224573
* bsc#1224576
* bsc#1224577
* bsc#1224578
* bsc#1224579
* bsc#1224580
* bsc#1224581
* bsc#1224582
* bsc#1224585
* bsc#1224586
* bsc#1224587
* bsc#1224588
* bsc#1224592
* bsc#1224596
* bsc#1224598
* bsc#1224600
* bsc#1224601
* bsc#1224602
* bsc#1224603
* bsc#1224605
* bsc#1224607
* bsc#1224608
* bsc#1224609
* bsc#1224611
* bsc#1224613
* bsc#1224615
* bsc#1224617
* bsc#1224618
* bsc#1224620
* bsc#1224621
* bsc#1224622
* bsc#1224623
* bsc#1224624
* bsc#1224626
* bsc#1224627
* bsc#1224628
* bsc#1224629
* bsc#1224630
* bsc#1224632
* bsc#1224633
* bsc#1224634
* bsc#1224636
* bsc#1224637
* bsc#1224638
* bsc#1224639
* bsc#1224640
* bsc#1224643
* bsc#1224644
* bsc#1224645
* bsc#1224646
* bsc#1224647
* bsc#1224648
* bsc#1224649
* bsc#1224650
* bsc#1224651
* bsc#1224652
* bsc#1224653
* bsc#1224654
* bsc#1224657
* bsc#1224660
* bsc#1224663
* bsc#1224664
* bsc#1224665
* bsc#1224666
* bsc#1224667
* bsc#1224668
* bsc#1224671
* bsc#1224672
* bsc#1224674
* bsc#1224675
* bsc#1224676
* bsc#1224677
* bsc#1224678
* bsc#1224679
* bsc#1224680
* bsc#1224681
* bsc#1224682
* bsc#1224683
* bsc#1224685
* bsc#1224686
* bsc#1224687
* bsc#1224688
* bsc#1224692
* bsc#1224696
* bsc#1224697
* bsc#1224699
* bsc#1224701
* bsc#1224703
* bsc#1224704
* bsc#1224705
* bsc#1224706
* bsc#1224707
* bsc#1224709
* bsc#1224710
* bsc#1224712
* bsc#1224714
* bsc#1224716
* bsc#1224717
* bsc#1224718
* bsc#1224719
* bsc#1224720
* bsc#1224721
* bsc#1224722
* bsc#1224723
* bsc#1224725
* bsc#1224727
* bsc#1224728
* bsc#1224729
* bsc#1224730
* bsc#1224731
* bsc#1224732
* bsc#1224733
* bsc#1224736
* bsc#1224738
* bsc#1224739
* bsc#1224740
* bsc#1224741
* bsc#1224742
* bsc#1224747
* bsc#1224749
* bsc#1224763
* bsc#1224764
* bsc#1224765
* bsc#1224766
* bsc#1224790
* bsc#1224792
* bsc#1224793
* bsc#1224803
* bsc#1224804
* bsc#1224866
* bsc#1224936
* bsc#1224989
* bsc#1225007
* bsc#1225053
* bsc#1225133
* bsc#1225134
* bsc#1225136
* bsc#1225172
* bsc#1225502
* bsc#1225578
* bsc#1225579
* bsc#1225580
* bsc#1225593
* bsc#1225605
* bsc#1225607
* bsc#1225610
* bsc#1225616
* bsc#1225618
* bsc#1225640
* bsc#1225642
* bsc#1225692
* bsc#1225694
* bsc#1225695
* bsc#1225696
* bsc#1225698
* bsc#1225699
* bsc#1225704
* bsc#1225705
* bsc#1225708
* bsc#1225710
* bsc#1225712
* bsc#1225714
* bsc#1225715
* bsc#1225720
* bsc#1225722
* bsc#1225728
* bsc#1225734
* bsc#1225735
* bsc#1225736
* bsc#1225747
* bsc#1225748
* bsc#1225749
* bsc#1225750
* bsc#1225756
* bsc#1225765
* bsc#1225766
* bsc#1225769
* bsc#1225773
* bsc#1225775
* bsc#1225842
* bsc#1225945
* bsc#1226158
* jsc#PED-8111
* jsc#PED-8240

Cross-References:

* CVE-2023-0160
* CVE-2023-52434
* CVE-2023-52458
* CVE-2023-52472
* CVE-2023-52503
* CVE-2023-52616
* CVE-2023-52618
* CVE-2023-52631
* CVE-2023-52635
* CVE-2023-52640
* CVE-2023-52641
* CVE-2023-52645
* CVE-2023-52652
* CVE-2023-52653
* CVE-2023-52654
* CVE-2023-52655
* CVE-2023-52657
* CVE-2023-52658
* CVE-2023-52659
* CVE-2023-52660
* CVE-2023-52661
* CVE-2023-52662
* CVE-2023-52663
* CVE-2023-52664
* CVE-2023-52667
* CVE-2023-52669
* CVE-2023-52670
* CVE-2023-52671
* CVE-2023-52673
* CVE-2023-52674
* CVE-2023-52675
* CVE-2023-52676
* CVE-2023-52678
* CVE-2023-52679
* CVE-2023-52680
* CVE-2023-52681
* CVE-2023-52683
* CVE-2023-52685
* CVE-2023-52686
* CVE-2023-52687
* CVE-2023-52690
* CVE-2023-52691
* CVE-2023-52692
* CVE-2023-52693
* CVE-2023-52694
* CVE-2023-52695
* CVE-2023-52696
* CVE-2023-52697
* CVE-2023-52698
* CVE-2023-52771
* CVE-2023-52772
* CVE-2023-52860
* CVE-2023-52882
* CVE-2023-6238
* CVE-2023-7042
* CVE-2024-0639
* CVE-2024-21823
* CVE-2024-22099
* CVE-2024-23848
* CVE-2024-24861
* CVE-2024-25739
* CVE-2024-26601
* CVE-2024-26611
* CVE-2024-26614
* CVE-2024-26632
* CVE-2024-26638
* CVE-2024-26642
* CVE-2024-26643
* CVE-2024-26650
* CVE-2024-26654
* CVE-2024-26656
* CVE-2024-26657
* CVE-2024-26671
* CVE-2024-26673
* CVE-2024-26674
* CVE-2024-26679
* CVE-2024-26684
* CVE-2024-26685
* CVE-2024-26692
* CVE-2024-26704
* CVE-2024-26714
* CVE-2024-26726
* CVE-2024-26731
* CVE-2024-26733
* CVE-2024-26737
* CVE-2024-26739
* CVE-2024-26740
* CVE-2024-26742
* CVE-2024-26760
* CVE-2024-267600
* CVE-2024-26761
* CVE-2024-26764
* CVE-2024-26769
* CVE-2024-26772
* CVE-2024-26773
* CVE-2024-26774
* CVE-2024-26775
* CVE-2024-26783
* CVE-2024-26786
* CVE-2024-26791
* CVE-2024-26793
* CVE-2024-26794
* CVE-2024-26802
* CVE-2024-26805
* CVE-2024-26807
* CVE-2024-26815
* CVE-2024-26816
* CVE-2024-26822
* CVE-2024-26832
* CVE-2024-26836
* CVE-2024-26844
* CVE-2024-26846
* CVE-2024-26853
* CVE-2024-26854
* CVE-2024-26855
* CVE-2024-26856
* CVE-2024-26857
* CVE-2024-26858
* CVE-2024-26860
* CVE-2024-26861
* CVE-2024-26862
* CVE-2024-26866
* CVE-2024-26868
* CVE-2024-26870
* CVE-2024-26878
* CVE-2024-26881
* CVE-2024-26882
* CVE-2024-26883
* CVE-2024-26884
* CVE-2024-26885
* CVE-2024-26899
* CVE-2024-26900
* CVE-2024-26901
* CVE-2024-26903
* CVE-2024-26906
* CVE-2024-26909
* CVE-2024-26921
* CVE-2024-26922
* CVE-2024-26923
* CVE-2024-26925
* CVE-2024-26928
* CVE-2024-26932
* CVE-2024-26933
* CVE-2024-26934
* CVE-2024-26935
* CVE-2024-26937
* CVE-2024-26938
* CVE-2024-26940
* CVE-2024-26943
* CVE-2024-26945
* CVE-2024-26946
* CVE-2024-26948
* CVE-2024-26949
* CVE-2024-26950
* CVE-2024-26951
* CVE-2024-26957
* CVE-2024-26958
* CVE-2024-26960
* CVE-2024-26961
* CVE-2024-26962
* CVE-2024-26963
* CVE-2024-26964
* CVE-2024-26972
* CVE-2024-26973
* CVE-2024-26978
* CVE-2024-26981
* CVE-2024-26982
* CVE-2024-26983
* CVE-2024-26984
* CVE-2024-26986
* CVE-2024-26988
* CVE-2024-26989
* CVE-2024-26990
* CVE-2024-26991
* CVE-2024-26992
* CVE-2024-26993
* CVE-2024-26994
* CVE-2024-26995
* CVE-2024-26996
* CVE-2024-26997
* CVE-2024-26999
* CVE-2024-27000
* CVE-2024-27001
* CVE-2024-27002
* CVE-2024-27003
* CVE-2024-27004
* CVE-2024-27008
* CVE-2024-27013
* CVE-2024-27014
* CVE-2024-27022
* CVE-2024-27027
* CVE-2024-27028
* CVE-2024-27029
* CVE-2024-27030
* CVE-2024-27031
* CVE-2024-27036
* CVE-2024-27046
* CVE-2024-27056
* CVE-2024-27057
* CVE-2024-27062
* CVE-2024-27067
* CVE-2024-27080
* CVE-2024-27388
* CVE-2024-27389
* CVE-2024-27393
* CVE-2024-27395
* CVE-2024-27396
* CVE-2024-27398
* CVE-2024-27399
* CVE-2024-27400
* CVE-2024-27401
* CVE-2024-27405
* CVE-2024-27408
* CVE-2024-27410
* CVE-2024-27411
* CVE-2024-27412
* CVE-2024-27413
* CVE-2024-27416
* CVE-2024-27417
* CVE-2024-27418
* CVE-2024-27431
* CVE-2024-27432
* CVE-2024-27434
* CVE-2024-27435
* CVE-2024-27436
* CVE-2024-35784
* CVE-2024-35786
* CVE-2024-35788
* CVE-2024-35789
* CVE-2024-35790
* CVE-2024-35791
* CVE-2024-35794
* CVE-2024-35795
* CVE-2024-35796
* CVE-2024-35799
* CVE-2024-35800
* CVE-2024-35801
* CVE-2024-35803
* CVE-2024-35804
* CVE-2024-35806
* CVE-2024-35808
* CVE-2024-35809
* CVE-2024-35810
* CVE-2024-35811
* CVE-2024-35812
* CVE-2024-35813
* CVE-2024-35814
* CVE-2024-35815
* CVE-2024-35817
* CVE-2024-35819
* CVE-2024-35821
* CVE-2024-35822
* CVE-2024-35823
* CVE-2024-35824
* CVE-2024-35825
* CVE-2024-35828
* CVE-2024-35829
* CVE-2024-35830
* CVE-2024-35833
* CVE-2024-35834
* CVE-2024-35835
* CVE-2024-35836
* CVE-2024-35837
* CVE-2024-35838
* CVE-2024-35841
* CVE-2024-35842
* CVE-2024-35845
* CVE-2024-35847
* CVE-2024-35849
* CVE-2024-35850
* CVE-2024-35851
* CVE-2024-35852
* CVE-2024-35854
* CVE-2024-35860
* CVE-2024-35861
* CVE-2024-35862
* CVE-2024-35863
* CVE-2024-35864
* CVE-2024-35865
* CVE-2024-35866
* CVE-2024-35867
* CVE-2024-35868
* CVE-2024-35869
* CVE-2024-35870
* CVE-2024-35872
* CVE-2024-35875
* CVE-2024-35877
* CVE-2024-35878
* CVE-2024-35879
* CVE-2024-35883
* CVE-2024-35885
* CVE-2024-35887
* CVE-2024-35889
* CVE-2024-35891
* CVE-2024-35895
* CVE-2024-35901
* CVE-2024-35903
* CVE-2024-35904
* CVE-2024-35905
* CVE-2024-35907
* CVE-2024-35909
* CVE-2024-35911
* CVE-2024-35912
* CVE-2024-35914
* CVE-2024-35915
* CVE-2024-35916
* CVE-2024-35917
* CVE-2024-35921
* CVE-2024-35922
* CVE-2024-35924
* CVE-2024-35927
* CVE-2024-35928
* CVE-2024-35930
* CVE-2024-35931
* CVE-2024-35932
* CVE-2024-35933
* CVE-2024-35935
* CVE-2024-35936
* CVE-2024-35937
* CVE-2024-35938
* CVE-2024-35940
* CVE-2024-35943
* CVE-2024-35944
* CVE-2024-35945
* CVE-2024-35946
* CVE-2024-35947
* CVE-2024-35950
* CVE-2024-35951
* CVE-2024-35952
* CVE-2024-35953
* CVE-2024-35954
* CVE-2024-35955
* CVE-2024-35956
* CVE-2024-35958
* CVE-2024-35959
* CVE-2024-35960
* CVE-2024-35961
* CVE-2024-35963
* CVE-2024-35964
* CVE-2024-35965
* CVE-2024-35966
* CVE-2024-35967
* CVE-2024-35969
* CVE-2024-35971
* CVE-2024-35972
* CVE-2024-35973
* CVE-2024-35974
* CVE-2024-35975
* CVE-2024-35977
* CVE-2024-35978
* CVE-2024-35981
* CVE-2024-35982
* CVE-2024-35984
* CVE-2024-35986
* CVE-2024-35989
* CVE-2024-35990
* CVE-2024-35991
* CVE-2024-35992
* CVE-2024-35995
* CVE-2024-35997
* CVE-2024-35999
* CVE-2024-36002
* CVE-2024-36006
* CVE-2024-36007
* CVE-2024-36009
* CVE-2024-36011
* CVE-2024-36012
* CVE-2024-36013
* CVE-2024-36014
* CVE-2024-36015
* CVE-2024-36016
* CVE-2024-36018
* CVE-2024-36019
* CVE-2024-36020
* CVE-2024-36021
* CVE-2024-36025
* CVE-2024-36026
* CVE-2024-36029
* CVE-2024-36030
* CVE-2024-36032
* CVE-2024-36880
* CVE-2024-36885
* CVE-2024-36890
* CVE-2024-36891
* CVE-2024-36893
* CVE-2024-36894
* CVE-2024-36895
* CVE-2024-36896
* CVE-2024-36897
* CVE-2024-36898
* CVE-2024-36906
* CVE-2024-36918
* CVE-2024-36921
* CVE-2024-36922
* CVE-2024-36928
* CVE-2024-36930
* CVE-2024-36931
* CVE-2024-36936
* CVE-2024-36940
* CVE-2024-36941
* CVE-2024-36942
* CVE-2024-36944
* CVE-2024-36947
* CVE-2024-36949
* CVE-2024-36950
* CVE-2024-36951
* CVE-2024-36955
* CVE-2024-36959

CVSS scores:

* CVE-2023-0160 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-0160 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52434 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2023-52434 ( NVD ): 8.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-52458 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52458 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52472 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2023-52472 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52503 ( SUSE ): 4.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L
* CVE-2023-52616 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52618 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
* CVE-2023-52631 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52635 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52640 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52641 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52645 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52645 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52652 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2023-52653 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2023-52654 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52655 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
* CVE-2023-52657 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52658 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52659 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52660 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52661 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
* CVE-2023-52662 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L
* CVE-2023-52663 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52664 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52667 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52669 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52670 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52671 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
* CVE-2023-52673 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52674 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52675 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52676 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-52678 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52679 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52680 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52681 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52683 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52685 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52686 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52687 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52690 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52691 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52692 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52693 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52694 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52695 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52696 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52697 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52698 ( SUSE ): 3.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:L
* CVE-2023-52771 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52772 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-52772 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-52860 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52882 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-6238 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-6238 ( NVD ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-7042 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-7042 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-0639 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-0639 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-21823 ( SUSE ): 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
* CVE-2024-22099 ( SUSE ): 5.3 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-22099 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-23848 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
* CVE-2024-23848 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-24861 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H
* CVE-2024-24861 ( NVD ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H
* CVE-2024-25739 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-25739 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26601 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26601 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26611 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26614 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26632 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26638 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
* CVE-2024-26642 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26643 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26650 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:N
* CVE-2024-26654 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26656 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26657 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26671 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26673 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26674 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26679 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26684 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26685 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26692 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26704 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26714 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26726 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26731 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26733 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26737 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26739 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26740 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26742 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26760 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26764 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2024-26769 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26772 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26773 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26774 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26775 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26783 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26786 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26791 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26793 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26794 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26802 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26805 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26807 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26815 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26816 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2024-26822 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26832 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26836 ( SUSE ): 4.3 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2024-26844 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2024-26846 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26853 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26854 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26855 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26856 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26857 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26858 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26860 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26861 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26862 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2024-26866 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26868 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26870 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26878 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26881 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26881 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26882 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26882 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26883 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26883 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26884 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26884 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26885 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26885 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26899 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26899 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26900 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26900 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26901 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
* CVE-2024-26901 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26903 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26903 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26906 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26909 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26909 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26921 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26922 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26923 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26925 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26928 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26932 ( SUSE ): 6.6 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26932 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26933 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26933 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26934 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26934 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26935 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2024-26937 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2024-26938 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2024-26940 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26943 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26945 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26946 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26948 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26949 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26949 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26950 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26951 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26957 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26958 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26960 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26961 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26962 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26963 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26964 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26972 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26973 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26978 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26978 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26981 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26982 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26983 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26984 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26986 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26986 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26988 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H
* CVE-2024-26989 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26990 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
* CVE-2024-26991 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26992 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
* CVE-2024-26993 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L
* CVE-2024-26994 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26995 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26996 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26997 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26999 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-27000 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2024-27001 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-27002 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-27003 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2024-27004 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2024-27008 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
* CVE-2024-27013 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-27013 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-27014 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-27014 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-27022 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-27022 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-27027 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
* CVE-2024-27028 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-27029 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-27030 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H
* CVE-2024-27031 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-27036 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
* CVE-2024-27046 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-27056 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-27057 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-27062 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-27067 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-27080 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H
* CVE-2024-27388 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-27389 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-27393 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-27395 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-27396 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-27398 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-27399 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-27400 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-27401 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
* CVE-2024-27405 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2024-27408 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N
* CVE-2024-27410 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-27411 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-27412 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-27413 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-27416 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-27417 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-27418 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-27431 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-27432 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-27434 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-27435 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-27436 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35784 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35786 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35788 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35789 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35790 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35791 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35794 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35795 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35796 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35799 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35800 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35801 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35803 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35804 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35806 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35808 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35809 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35810 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35811 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35812 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35813 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35814 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35815 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35817 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35819 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35821 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35822 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2024-35823 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35824 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35825 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35828 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35829 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35830 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35833 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35834 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35835 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35836 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35837 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35838 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35841 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35842 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35845 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35847 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35849 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2024-35850 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35851 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35852 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35854 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35860 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35861 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35862 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35863 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35864 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35865 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35866 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35867 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35868 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35869 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35870 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35872 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35875 ( SUSE ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
* CVE-2024-35877 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35878 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35879 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35883 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35885 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35887 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35889 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35891 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35895 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35901 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35903 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35904 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35905 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35907 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35909 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35911 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35912 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35914 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35915 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35916 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35917 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35921 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35922 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35924 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2024-35927 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35928 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35930 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35931 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35932 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35933 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35935 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35936 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35937 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
* CVE-2024-35938 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2024-35940 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2024-35943 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35944 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L
* CVE-2024-35945 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35946 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35947 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35950 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35951 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35952 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35953 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35954 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35955 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35956 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35958 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35959 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35960 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35961 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35963 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2024-35964 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35965 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35966 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35967 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35969 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35971 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35972 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35972 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35973 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35974 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35975 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35977 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35978 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35978 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35981 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35982 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35982 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35984 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35984 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35986 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35989 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35990 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35990 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35991 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35992 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35992 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35995 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
* CVE-2024-35997 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35997 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35999 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:L
* CVE-2024-36002 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-36006 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-36007 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-36009 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-36011 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-36012 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-36013 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-36014 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-36015 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-36016 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-36018 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
* CVE-2024-36019 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L
* CVE-2024-36020 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-36021 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-36025 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L
* CVE-2024-36026 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-36029 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-36030 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-36032 ( SUSE ): 2.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
* CVE-2024-36880 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L
* CVE-2024-36885 ( SUSE ): 2.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L
* CVE-2024-36890 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-36891 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-36891 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-36893 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-36893 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-36894 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-36895 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2024-36896 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-36897 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-36897 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-36898 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L
* CVE-2024-36906 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N
* CVE-2024-36918 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-36921 ( SUSE ): 8.0 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2024-36922 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-36928 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-36930 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-36930 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-36931 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:L
* CVE-2024-36936 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2024-36940 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
* CVE-2024-36941 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-36942 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L
* CVE-2024-36944 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-36947 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
* CVE-2024-36949 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-36950 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-36951 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-36955 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2024-36959 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* Basesystem Module 15-SP6
* Development Tools Module 15-SP6
* Legacy Module 15-SP6
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise High Availability Extension 15 SP6
* SUSE Linux Enterprise Live Patching 15-SP6
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Linux Enterprise Workstation Extension 15 SP6

An update that solves 408 vulnerabilities, contains two features and has 82
security fixes can now be installed.

## Description:

The SUSE Linux Enterprise 15 SP6 kernel was updated to receive various security
bugfixes.

The following security bugs were fixed:

* CVE-2023-0160: Fixed deadlock flaw in BPF that could allow a local user to
potentially crash the system (bsc#1209657).
* CVE-2023-52434: Fixed potential OOBs in smb2_parse_contexts() (bsc#1220148).
* CVE-2023-52458: Fixed check that partition length needs to be aligned with
block size (bsc#1220428).
* CVE-2023-52503: Fixed tee/amdtee use-after-free vulnerability in
amdtee_close_session (bsc#1220915).
* CVE-2023-52618: Fixed string overflow in block/rnbd-srv (bsc#1221615).
* CVE-2023-52631: Fixed an NULL dereference bug (bsc#1222264 CVE-2023-52631).
* CVE-2023-52635: Fixed PM/devfreq to synchronize devfreq_monitor_[start/stop]
(bsc#1222294).
* CVE-2023-52640: Fixed out-of-bounds in ntfs_listxattr (bsc#1222301).
* CVE-2023-52641: Fixed NULL ptr dereference checking at the end of
attr_allocate_frame() (bsc#1222303)
* CVE-2023-52645: Fixed pmdomain/mediatek race conditions with genpd
(bsc#1223033).
* CVE-2023-52652: Fixed NTB for possible name leak in ntb_register_device()
(bsc#1223686).
* CVE-2023-52659: Fixed to pfn_to_kaddr() not treated as a 64-bit type
(bsc#1224442).
* CVE-2023-52674: Add clamp() in scarlett2_mixer_ctl_put() (bsc#1224727).
* CVE-2023-52680: Fixed missing error checks to *_ctl_get() (bsc#1224608).
* CVE-2023-52692: Fixed missing error check to scarlett2_usb_set_config()
(bsc#1224628).
* CVE-2023-52698: Fixed memory leak in netlbl_calipso_add_pass()
(CVE-2023-52698 bsc#1224621)
* CVE-2023-52771: Fixed delete_endpoint() vs parent unregistration race
(bsc#1225007).
* CVE-2023-52772: Fixed use-after-free in unix_stream_read_actor()
(bsc#1224989).
* CVE-2023-52860: Fixed null pointer dereference in hisi_hns3 (bsc#1224936).
* CVE-2023-6238: Fixed kcalloc() arguments order (bsc#1217384).
* CVE-2023-7042: Fixed a null-pointer-dereference in
ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() (bsc#1218336).
* CVE-2024-0639: Fixed a denial-of-service vulnerability due to a deadlock
found in sctp_auto_asconf_init in net/sctp/socket.c (bsc#1218917).
* CVE-2024-21823: Fixed safety flag to struct ends (bsc#1223625).
* CVE-2024-22099: Fixed a null-pointer-dereference in rfcomm_check_security
(bsc#1219170).
* CVE-2024-23848: Fixed media/cec for possible use-after-free in
cec_queue_msg_fh (bsc#1219104).
* CVE-2024-24861: Fixed an overflow due to race condition in media/xc4000
device driver in xc4000 xc4000_get_frequency() function (bsc#1219623).
* CVE-2024-25739: Fixed possible crash in create_empty_lvol() in
drivers/mtd/ubi/vtbl.c (bsc#1219834).
* CVE-2024-26601: Fixed ext4 buddy bitmap corruption via fast commit replay
(bsc#1220342).
* CVE-2024-26614: Fixed the initialization of accept_queue's spinlocks
(bsc#1221293).
* CVE-2024-26632: Fixed iterating over an empty bio with
bio_for_each_folio_all (bsc#1221635).
* CVE-2024-26638: Fixed uninitialize struct msghdr completely (bsc#1221649
CVE-2024-26638).
* CVE-2024-26642: Fixed the set of anonymous timeout flag in netfilter
nf_tables (bsc#1221830).
* CVE-2024-26643: Fixed mark set as dead when unbinding anonymous set with
timeout (bsc#1221829).
* CVE-2024-26654: Fixed use after free in ALSA/sh/aica (bsc#1222304).
* CVE-2024-26656: Fixed drm/amdgpu use-after-free bug (bsc#1222307).
* CVE-2024-26671: Fixed blk-mq IO hang from sbitmap wakeup race (bsc#1222357).
* CVE-2024-26673: Fixed netfilter/nft_ct layer 3 and 4 protocol sanitization
(bsc#1222368).
* CVE-2024-26674: Revert to _ASM_EXTABLE_UA() for {get,put}_user() fixups
(bsc#1222378).
* CVE-2024-26679: Fixed read sk->sk_family once in inet_recv_error()
(bsc#1222385).
* CVE-2024-26684: Fixed net/stmmac/xgmac handling of DPP safety error for DMA
channels (bsc#1222445).
* CVE-2024-26685: Fixed nilfs2 potential bug in end_buffer_async_write
(bsc#1222437).
* CVE-2024-26692: Fixed regression in writes when non-standard maximum write
size negotiated (bsc#1222464).
* CVE-2024-26704: Fixed a double-free of blocks due to wrong extents moved_len
in ext4 (bsc#1222422).
* CVE-2024-26726: Fixed invalid drop extent_map for free space inode on write
error (bsc#1222532)
* CVE-2024-26731: Fixed NULL pointer dereference in
sk_psock_verdict_data_ready() (bsc#1222371).
* CVE-2024-26733: Fixed an overflow in arp_req_get() in arp (bsc#1222585).
* CVE-2024-26737: Fixed selftests/bpf racing between bpf_timer_cancel_and_free
and bpf_timer_cancel (bsc#1222557).
* CVE-2024-26740: Fixed use the backlog for mirred ingress (bsc#1222563).
* CVE-2024-26760: Fixed bio_put() for error case (bsc#1222596
cve-2024-267600).
* CVE-2024-26760: Fixed scsi/target/pscsi bio_put() for error case
(bsc#1222596).
* CVE-2024-26764: Fixed IOCB_AIO_RW check in fs/aio before the struct
aio_kiocb conversion (bsc#1222721).
* CVE-2024-26772: Fixed ext4 to avoid allocating blocks from corrupted group
in ext4_mb_find_by_goal() (bsc#1222613).
* CVE-2024-26773: Fixed ext4 block allocation from corrupted group in
ext4_mb_try_best_found() (bsc#1222618).
* CVE-2024-26774: Fixed dividing by 0 in mb_update_avg_fragment_size() when
block bitmap corrupt (bsc#1222622).
* CVE-2024-26775: Fixed potential deadlock at set_capacity (bsc#1222627).
* CVE-2024-26783: Fixed mm/vmscan bug when calling wakeup_kswapd() with a
wrong zone index (bsc#1222615).
* CVE-2024-26791: Fixed properly validate device names in btrfs (bsc#1222793)
* CVE-2024-26793: Fixed an use-after-free and null-ptr-deref in gtp_newlink()
in gtp (bsc#1222428).
* CVE-2024-26805: Fixed a kernel-infoleak-after-free in __skb_datagram_iter in
netlink (bsc#1222630).
* CVE-2024-26807: Fixed spi/cadence-qspi NULL pointer reference in runtime PM
hooks (bsc#1222801).
* CVE-2024-26815: Fixed improper TCA_TAPRIO_TC_ENTRY_INDEX check
(bsc#1222635).
* CVE-2024-26816: Fixed relocations in .notes section when building with
CONFIG_XEN_PV=y (bsc#1222624).
* CVE-2024-26822: Set correct id, uid and cruid for multiuser automounts
(bsc#1223011).
* CVE-2024-26832: Fixed missing folio cleanup in writeback race path
(bsc#1223007).
* CVE-2024-26836: Fixed platform/x86/think-lmi password opcode ordering for
workstations (bsc#1222968).
* CVE-2024-26844: Fixed WARNING in _copy_from_iter (bsc#1223015).
* CVE-2024-26853: Fixed igc returning frame twice in XDP_REDIRECT
(bsc#1223061).
* CVE-2024-26855: Fixed net/ice potential NULL pointer dereference in
ice_bridge_setlink() (bsc#1223051).
* CVE-2024-26856: Fixed use-after-free inside sparx5_del_mact_entry
(bsc#1223052).
* CVE-2024-26857: Fixed geneve to make sure to pull inner header in
geneve_rx() (bsc#1223058).
* CVE-2024-26860: Fixed a memory leak when rechecking the data (bsc#1223077).
* CVE-2024-26861: Fixed wireguard/receive annotate data-race around
receiving_counter.counter (bsc#1223076).
* CVE-2024-26862: Fixed packet annotate data-races around ignore_outgoing
(bsc#1223111).
* CVE-2024-26866: Fixed spi/spi-fsl-lpspi by removing redundant
spi_controller_put call (bsc#1223024).
* CVE-2024-26878: Fixed quota for potential NULL pointer dereference
(bsc#1223060).
* CVE-2024-26881: Fixed net/hns3 kernel crash when 1588 is received on HIP08
devices (bsc#1223041).
* CVE-2024-26882: Fixed net/ip_tunnel to make sure to pull inner header in
ip_tunnel_rcv() (bsc#1223034).
* CVE-2024-26883: Fixed bpf stackmap overflow check on 32-bit arches
(bsc#1223035).
* CVE-2024-26884: Fixed bpf hashtab overflow check on 32-bit arches
(bsc#1223189).
* CVE-2024-26885: Fixed bpf DEVMAP_HASH overflow check on 32-bit arches
(bsc#1223190).
* CVE-2024-26899: Fixed deadlock between bd_link_disk_holder and partition
scan (bsc#1223045).
* CVE-2024-26901: Fixed do_sys_name_to_handle() to use kzalloc() to prevent
kernel-infoleak (bsc#1223198).
* CVE-2024-26906: Fixed invalid vsyscall page read for
copy_from_kernel_nofault() (bsc#1223202).
* CVE-2024-26909: Fixed drm bridge use-after-free (bsc#1223143).
* CVE-2024-26921: Preserve kabi for sk_buff (bsc#1223138).
* CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in
__unix_gc() (bsc#1223384).
* CVE-2024-26925: Release mutex after nft_gc_seq_end from abort path
(bsc#1223390).
* CVE-2024-26928: Fix potential UAF in cifs_debug_files_proc_show()
(bsc#1223532).
* CVE-2024-26945: Fixed nr_cpus < nr_iaa case (bsc#1223732).
* CVE-2024-26946: Fixed copy_from_kernel_nofault() to read from unsafe address
(bsc#1223669).
* CVE-2024-26948: Fixed drm/amd/display by adding dc_state NULL check in
dc_state_release (bsc#1223664).
* CVE-2024-26950: Fixed wireguard/netlink to access device through ctx instead
of peer (bsc#1223661).
* CVE-2024-26951: Fixed wireguard/netlink check for dangling peer via is_dead
instead of empty list (bsc#1223660).
* CVE-2024-26958: Fixed UAF in direct writes (bsc#1223653).
* CVE-2024-26960: Fixed mm/swap race between free_swap_and_cache() and
swapoff() (bsc#1223655).
* CVE-2024-26982: Fixed Squashfs inode number check not to be an invalid value
of zero (bsc#1223634).
* CVE-2024-26991: Fixed overflow lpage_info when checking attributes
(bsc#1223695).
* CVE-2024-26993: Fixed fs/sysfs reference leak in
sysfs_break_active_protection() (bsc#1223693).
* CVE-2024-27013: Fixed tun limit printing rate when illegal packet received
by tun device (bsc#1223745).
* CVE-2024-27014: Fixed net/mlx5e to prevent deadlock while disabling aRFS
(bsc#1223735).
* CVE-2024-27022: Fixed linking file vma until vma is fully initialized
(bsc#1223774).
* CVE-2024-27030: Fixed octeontx2-af to use separate handlers for interrupts
(bsc#1223790).
* CVE-2024-27036: Fixed writeback data corruption (bsc#1223810).
* CVE-2024-27046: Fixed nfp/flower handling acti_netdevs allocation failure
(bsc#1223827).
* CVE-2024-27056: Fixed wifi/iwlwifi/mvm to ensure offloading TID queue exists
(bsc#1223822).
* CVE-2024-27062: Fixed nouveau lock inside client object tree (bsc#1223834).
* CVE-2024-27389: Fixed pstore inode handling with d_invalidate()
(bsc#1223705).
* CVE-2024-27395: Fixed Use-After-Free in ovs_ct_exit (bsc#1224098).
* CVE-2024-27396: Fixed Use-After-Free in gtp_dellink (bsc#1224096).
* CVE-2024-27401: Fixed user_length taken into account when fetching packet
contents (bsc#1224181).
* CVE-2024-27408: Fixed race condition in dmaengine w-edma/eDMA (bsc#1224430).
* CVE-2024-27417: Fixed potential "struct net" leak in inet6_rtm_getaddr()
(bsc#1224721)
* CVE-2024-27418: Fixed memory leak in mctp_local_output (bsc#1224720)
* CVE-2024-27431: Fixed Zero-initialise xdp_rxq_info struct before running XDP
program (bsc#1224718).
* CVE-2024-35852: Fixed memory leak when canceling rehash work (bsc#1224502).
* CVE-2024-35854: Fixed possible use-after-free during rehash (bsc#1224636).
* CVE-2024-35860: struct bpf_link and bpf_link_ops kABI workaround
(bsc#1224531).
* CVE-2024-35861: Fixed potential UAF in cifs_signal_cifsd_for_reconnect()
(bsc#1224766).
* CVE-2024-35862: Fixed potential UAF in smb2_is_network_name_deleted()
(bsc#1224764).
* CVE-2024-35863: Fixed potential UAF in is_valid_oplock_break()
(bsc#1224763).
* CVE-2024-35864: Fixed potential UAF in smb2_is_valid_lease_break()
(bsc#1224765).
* CVE-2024-35865: Fixed potential UAF in smb2_is_valid_oplock_break()
(bsc#1224668).
* CVE-2024-35866: Fixed potential UAF in cifs_dump_full_key() (bsc#1224667).
* CVE-2024-35867: Fixed potential UAF in cifs_stats_proc_show() (bsc#1224664).
* CVE-2024-35868: Fixed potential UAF in cifs_stats_proc_write()
(bsc#1224678).
* CVE-2024-35869: Guarantee refcounted children from parent session
(bsc#1224679).
* CVE-2024-35870: Fixed UAF in smb2_reconnect_server() (bsc#1224672).
* CVE-2024-35872: Fixed GUP-fast succeeding on secretmem folios (bsc#1224530).
* CVE-2024-35877: Fixed VM_PAT handling in COW mappings (bsc#1224525).
* CVE-2024-35895: Fixed lock inversion deadlock in map delete elem
(bsc#1224511).
* CVE-2024-35903: Fixed IP after emitting call depth accounting (bsc#1224493).
* CVE-2024-35905: Fixed int overflow for stack access size (bsc#1224488).
* CVE-2024-35917: Fixed Fix bpf_plt pointer arithmetic (bsc#1224481).
* CVE-2024-35921: Fixed oops when HEVC init fails (bsc#1224477).
* CVE-2024-35931: Fixed PCI error slot reset during RAS recovery
(bsc#1224652).
* CVE-2024-35943: Fixed a null pointer dereference in omap_prm_domain_init
(bsc#1224649).
* CVE-2024-35944: Fixed memcpy() run-time warning in dg_dispatch_as_host()
(bsc#1224648).
* CVE-2024-35956: Fixed qgroup prealloc rsv leak in subvolume operations
(bsc#1224674)
* CVE-2024-35964: Fixed not validating setsockopt user input (bsc#1224581).
* CVE-2024-35969: Fixed race condition between ipv6_get_ifaddr and
ipv6_del_addr (bsc#1224580).
* CVE-2024-35991: Fixed kABI workaround for struct idxd_evl (bsc#1224553).
* CVE-2024-35999: Fixed missing lock when picking channel (bsc#1224550).
* CVE-2024-36006: Fixed incorrect list API usage (bsc#1224541).
* CVE-2024-36007: Fixed warning during rehash (bsc#1224543).
* CVE-2024-36030: Fixed the double free in rvu_npc_freemem() (bsc#1225712)

The following non-security bugs were fixed:

* 9p: add missing locking around taking dentry fid list (git-fixes)
* accel/ivpu: Fix deadlock in context_xa (git-fixes).
* ACPI: bus: Indicate support for IRQ ResourceSource thru _OSC (git-fixes).
* ACPI: bus: Indicate support for _TFP thru _OSC (git-fixes).
* ACPI: bus: Indicate support for the Generic Event Device thru _OSC (git-
fixes).
* ACPICA: debugger: check status of acpi_evaluate_object() in
acpi_db_walk_for_fields() (git-fixes).
* ACPI: CPPC: Fix access width used for PCC registers (git-fixes).
* ACPI: CPPC: Fix bit_offset shift in MASK_VAL() macro (git-fixes).
* ACPI: CPPC: Use access_width over bit_width for system memory accesses
(stable-fixes).
* ACPI: disable -Wstringop-truncation (git-fixes).
* ACPI: Fix Generic Initiator Affinity _OSC bit (git-fixes).
* ACPI: LPSS: Advertise number of chip selects via property (git-fixes).
* ACPI: resource: Add Infinity laptops to irq1_edge_low_force_override
(stable-fixes).
* ACPI: resource: Do IRQ override on Lunnen Ground laptops (stable-fixes).
* ACPI: scan: Do not increase dep_unmet for already met dependencies (git-
fixes).
* ACPI: video: Add backlight=native quirk for Lenovo Slim 7 16ARH7
(bsc#1217750).
* ACPI: x86: Move acpi_quirk_skip_serdev_enumeration() out of
CONFIG_X86_ANDROID_TABLETS (stable-fixes).
* Add alt-commit to a nouveau patch
* Add reference to L3 bsc#1225765 in BPF control flow graph and precision
backtrack fixes (bsc#1225756) The L3 bsc#1225765 was created seperately
since our customer requires PTF.
* admin-guide/hw-vuln/core-scheduling: fix return type of PR_SCHED_CORE_GET
(git-fixes).
* ahci: asm1064: asm1166: do not limit reported ports (git-fixes).
* ahci: asm1064: correct count of reported ports (stable-fixes).
* ALSA: aoa: avoid false-positive format truncation warning (git-fixes).
* ALSA: core: Fix NULL module pointer assignment at card init (git-fixes).
* ALSA: core: Remove debugfs at disconnection (git-fixes).
* ALSA: firewire-lib: handle quirk to calculate payload quadlets as data block
counter (stable-fixes).
* ALSA: Fix deadlocks with kctl removals at disconnection (stable-fixes).
* ALSA: hda: Add Intel BMG PCI ID and HDMI codec vid (stable-fixes).
* ALSA: hda: clarify Copyright information (stable-fixes).
* ALSA: hda: cs35l41: Add support for ASUS ROG 2024 Laptops (stable-fixes).
* ALSA: hda: cs35l41: Ignore errors when configuring IRQs (stable-fixes).
* ALSA: hda: cs35l41: Remove redundant argument to
cs35l41_request_firmware_file() (stable-fixes).
* ALSA: hda: cs35l41: Remove Speaker ID for Lenovo Legion slim 7 16ARHA7 (git-
fixes).
* ALSA: hda: cs35l41: Set the max PCM Gain using tuning setting (stable-
fixes).
* ALSA: hda: cs35l41: Support HP Omen models without _DSD (stable-fixes).
* ALSA: hda: cs35l41: Support Lenovo 13X laptop without _DSD (stable-fixes).
* ALSA: hda: cs35l41: Update DSP1RX5/6 Sources for DSP config (stable-fixes).
* ALSA: hda: cs35l56: Add ACPI device match tables (git-fixes).
* ALSA: hda: cs35l56: Exit cache-only after cs35l56_wait_for_firmware_boot()
(stable-fixes).
* ALSA: hda: cs35l56: Fix lifetime of cs_dsp instance (git-fixes).
* ALSA: hda: cs35l56: Set the init_done flag before component_add() (git-
fixes).
* ALSA: hda/cs_dsp_ctl: Use private_free for control cleanup (git-fixes).
* ALSA: hda: hda_cs_dsp_ctl: Remove notification of driver write (stable-
fixes).
* ALSA: hda: intel-dsp-config: harden I2C/I2S codec detection (stable-fixes).
* ALSA/hda: intel-dsp-config: reduce log verbosity (git-fixes).
* ALSA: hda: intel-sdw-acpi: fix usage of device_get_named_child_node() (git-
fixes).
* ALSA: hda/realtek: Add quirk for HP SnowWhite laptops (stable-fixes).
* ALSA: hda/realtek: Add quirk for HP Spectre x360 14 eu0000 (stable-fixes).
* ALSA: hda/realtek: Add quirks for ASUS Laptops using CS35L56 (stable-fixes).
* ALSA: hda/realtek: Add quirks for HP Omen models using CS35L41 (stable-
fixes).
* ALSA: hda/realtek: Add quirks for Huawei Matebook D14 NBLB-WAX9N (stable-
fixes).
* ALSA: hda/realtek: Add quirks for Lenovo 13X (stable-fixes).
* ALSA: hda/realtek: Add quirks for some Clevo laptops (stable-fixes).
* ALSA: hda/realtek: Add sound quirks for Lenovo Legion slim 7 16ARHA7 models
(stable-fixes).
* ALSA: hda/realtek: Add support for ASUS Zenbook 2024 HN7306W (stable-fixes).
* ALSA: hda/realtek: Adjust G814JZR to use SPI init for amp (git-fixes).
* ALSA: hda/realtek: cs35l41: Support ASUS ROG G634JYR (stable-fixes).
* ALSA: hda/realtek: Drop doubly quirk entry for 103c:8a2e (git-fixes).
* ALSA: hda/realtek - Enable audio jacks of Haier Boyue G42 with ALC269VC
(stable-fixes).
* ALSA: hda/realtek: Enable headset mic of JP-IK LEAP W502 with ALC897
(stable-fixes).
* ALSA: hda/realtek: Fix build error without CONFIG_PM (stable-fixes).
* ALSA: hda/realtek: Fix conflicting PCI SSID 17aa:386f for Lenovo Legion
models (bsc#1223462).
* ALSA: hda/realtek - fixed headset Mic not show (stable-fixes).
* ALSA: hda/realtek: Fixes for Asus GU605M and GA403U sound (stable-fixes).
* ALSA: hda/realtek - Fix inactive headset mic jack (stable-fixes).
* ALSA: hda/realtek: Fix internal speakers for Legion Y9000X 2022 IAH7
(stable-fixes).
* ALSA: hda/realtek: Fix mute led of HP Laptop 15-da3001TU (stable-fixes).
* ALSA: hda/realtek: fix mute/micmute LEDs do not work for ProBook 440/460 G11
(stable-fixes).
* ALSA: hda/realtek: fix the hp playback volume issue for LG machines (stable-
fixes).
* ALSA: hda/realtek: Fix volumn control of ThinkBook 16P Gen4 (git-fixes).
* ALSA: hda/realtek - Set GPIO3 to default at S4 state for Thinkpad with
ALC1318 (stable-fixes).
* ALSA: hda/realtek: Update Panasonic CF-SZ6 quirk to support headset with
microphone (git-fixes).
* ALSA: hda/tas2781: add locks to kcontrols (git-fixes).
* ALSA: hda/tas2781: Add new vendor_id and subsystem_id to support ThinkPad
ICE-1 (stable-fixes).
* ALSA: hda/tas2781: correct the register for pow calibrated data (git-fixes).
* ALSA: hda/tas2781: remove digital gain kcontrol (git-fixes).
* ALSA: line6: Zero-initialize message buffers (stable-fixes).
* ALSA: scarlett2: Add Focusrite Clarett+ 2Pre and 4Pre support (stable-
fixes).
* ALSA: scarlett2: Add Focusrite Clarett 2Pre and 4Pre USB support (stable-
fixes).
* ALSA: scarlett2: Add missing error check to scarlett2_config_save() (git-
fixes).
* ALSA: scarlett2: Add support for Clarett 8Pre USB (stable-fixes).
* ALSA: scarlett2: Default mixer driver to enabled (stable-fixes).
* ALSA: scarlett2: Move USB IDs out from device_info struct (stable-fixes).
* ALSA: seq: Do not clear bank selection at event -> UMP MIDI2 conversion
(git-fixes).
* ALSA: seq: Fix incorrect UMP type for system messages (git-fixes).
* ALSA: seq: Fix missing bank setup between MIDI1/MIDI2 UMP conversion (git-
fixes).
* ALSA: seq: Fix yet another spot for system message conversion (git-fixes).
* ALSA: seq: ump: Fix conversion from MIDI2 to MIDI1 UMP messages (git-fixes).
* ALSA: seq: ump: Fix swapped song position pointer data (git-fixes).
* ALSA: sh: aica: reorder cleanup operations to avoid UAF bugs (git-fixes).
* ALSA: timer: Set lower bound of start tick time (stable-fixes).
* ALSA: ump: Do not accept an invalid UMP protocol number (git-fixes).
* ALSA: ump: Do not clear bank selection after sending a program change (git-
fixes).
* ALSA: ump: Set default protocol when not given explicitly (git-fixes).
* ALSA: usb-audio: Add sampling rates support for Mbox3 (stable-fixes).
* ALSA: usb-audio: Fix for sampling rates support for Mbox3 (stable-fixes).
* amd/amdkfd: sync all devices to wait all processes being evicted (stable-
fixes).
* amdkfd: use calloc instead of kzalloc to avoid integer overflow (stable-
fixes).
* arm64: bpf: fix 32bit unconditional bswap (git-fixes).
* arm64: dts: allwinner: h616: Fix I2C0 pins (git-fixes)
* arm64: dts: allwinner: Pine H64: correctly remove reg_gmac_3v3 (git-fixes)
* arm64: dts: broadcom: bcmbca: bcm4908: drop invalid switch cells (git-fixes)
* arm64: dts: Fix dtc interrupt_provider warnings (git-fixes)
* arm64: dts: hi3798cv200: fix the size of GICR (git-fixes)
* arm64: dts: imx8qm-ss-dma: fix can lpcg indices (git-fixes)
* arm64: dts: imx8-ss-conn: fix usb lpcg indices (git-fixes)
* arm64: dts: imx8-ss-conn: fix usdhc wrong lpcg clock order (git-fixes)
* arm64: dts: imx8-ss-dma: fix adc lpcg indices (git-fixes)
* arm64: dts: imx8-ss-dma: fix can lpcg indices (git-fixes)
* arm64: dts: imx8-ss-dma: fix spi lpcg indices (git-fixes)
* arm64: dts: imx8-ss-lsio: fix pwm lpcg indices (git-fixes)
* arm64: dts: marvell: reorder crypto interrupts on Armada SoCs (git-fixes)
* arm64: dts: microchip: sparx5: fix mdio reg (git-fixes)
* arm64: dts: rockchip: Add enable-strobe-pulldown to emmc phy on ROCK (git-
fixes)
* arm64: dts: rockchip: enable internal pull-up for Q7_THRM# on RK3399 (git-
fixes)
* arm64: dts: rockchip: enable internal pull-up on PCIE_WAKE# for (git-fixes)
* arm64: dts: rockchip: enable internal pull-up on Q7_USB_ID for RK3399 (git-
fixes)
* arm64: dts: rockchip: fix rk3328 hdmi ports node (git-fixes)
* arm64: dts: rockchip: fix rk3399 hdmi ports node (git-fixes)
* arm64: dts: rockchip: regulator for sd needs to be always on for (git-fixes)
* arm64: dts: rockchip: Remove unsupported node from the Pinebook Pro (git-
fixes)
* arm64: dts: rockchip: set PHY address of MT7531 switch to 0x1f (git-fixes)
* arm64/head: Disable MMU at EL2 before clearing HCR_EL2.E2H (git-fixes).
* arm64: hibernate: Fix level3 translation fault in swsusp_save() (git-fixes).
* arm64/ptrace: Use saved floating point state type to determine SVE (git-
fixes)
* arm64/sve: Lower the maximum allocation for the SVE ptrace regset (git-
fixes)
* arm64: tegra: Correct Tegra132 I2C alias (git-fixes)
* arm64: tegra: Set the correct PHY mode for MGBE (git-fixes)
* ARM: 9381/1: kasan: clear stale stack poison (git-fixes).
* ARM: imx: Check return value of devm_kasprintf in imx_mmdc_perf_init (git-
fixes).
* ARM: imx_v6_v7_defconfig: Restore CONFIG_BACKLIGHT_CLASS_DEVICE (git-fixes).
* ARM: OMAP2+: fix N810 MMC gpiod table (git-fixes).
* ARM: OMAP2+: fix USB regression on Nokia N8x0 (git-fixes).
* arm_pmu: acpi: Add a representative platform device for TRBE (bsc#1220587)
* arm_pmu: acpi: Refactor arm_spe_acpi_register_device() (bsc#1220587)
* ARM: prctl: reject PR_SET_MDWE on pre-ARMv6 (stable-fixes).
* ARM: s5pv210: fix pm.c kernel-doc warning (git-fixes).
* asm-generic: make sparse happy with odd-sized put_unaligned_*() (stable-
fixes).
* ASoC: acp: Support microphone from device Acer 315-24p (git-fixes).
* ASoC: amd: acp: fix for acp_init function error handling (git-fixes).
* ASoC: amd: yc: Add Lenovo ThinkBook 21J0 into DMI quirk table (stable-
fixes).
* ASoC: amd: yc: Fix non-functional mic on ASUS M7600RE (stable-fixes).
* ASoC: amd: yc: Fix non-functional mic on Lenovo 21J2 (stable-fixes).
* ASoC: amd: yc: Revert "Fix non-functional mic on Lenovo 21J2" (stable-
fixes).
* ASoC: codecs: wsa881x: set clk_stop_mode1 flag (git-fixes).
* ASoC: cs35l56: Fix unintended bus access while resetting amp (git-fixes).
* ASoC: cs35l56: Prevent overwriting firmware ASP config (git-fixes).
* ASoC: da7219-aad: fix usage of device_get_named_child_node() (git-fixes).
* ASoC: Intel: avs: Fix ASRC module initialization (git-fixes).
* ASoC: Intel: avs: Fix potential integer overflow (git-fixes).
* ASoC: Intel: avs: Populate board selection with new I2S entries (stable-
fixes).
* ASoC: Intel: avs: Set name of control as in topology (git-fixes).
* ASoC: Intel: avs: ssm4567: Do not ignore route checks (git-fixes).
* ASoC: Intel: avs: Test result of avs_get_module_entry() (git-fixes).
* ASoC: Intel: bytcr_rt5640: Apply Asus T100TA quirk to Asus T100TAM too (git-
fixes).
* ASoC: Intel: common: DMI remap for rebranded Intel NUC M15 (LAPRC710)
laptops (stable-fixes).
* ASoC: Intel: Disable route checks for Skylake boards (git-fixes).
* ASoC: kirkwood: Fix potential NULL dereference (git-fixes).
* ASoC: mediatek: Assign dummy when codec not specified for a DAI link (git-
fixes).
* ASoC: mediatek: mt8192: fix register configuration for tdm (git-fixes).
* ASoC: meson: axg-card: make links nonatomic (git-fixes).
* ASoC: meson: axg-fifo: use FIELD helpers (stable-fixes).
* ASoC: meson: axg-fifo: use threaded irq to check periods (git-fixes).
* ASoC: meson: axg-tdm-interface: manage formatters in trigger (git-fixes).
* ASoC: meson: cards: select SND_DYNAMIC_MINORS (git-fixes).
* ASoC: ops: Fix wraparound for mask in snd_soc_get_volsw (git-fixes).
* ASoC: rockchip: i2s-tdm: Fix inaccurate sampling rates (git-fixes).
* ASoC: rt5645: Fix the electric noise due to the CBJ contacts floating (git-
fixes).
* ASoC: rt5645: Make LattePanda board DMI match more precise (stable-fixes).
* ASoC: rt5682-sdw: fix locking sequence (git-fixes).
* ASoC: rt711-sdca: fix locking sequence (git-fixes).
* ASoC: rt711-sdw: fix locking sequence (git-fixes).
* ASoC: rt712-sdca-sdw: fix locking sequence (git-fixes).
* ASoC: rt715: add vendor clear control register (git-fixes).
* ASoC: rt715-sdca: volume step modification (git-fixes).
* ASoC: rt722-sdca: add headset microphone vrefo setting (git-fixes).
* ASoC: rt722-sdca: modify channel number to support 4 channels (git-fixes).
* ASoC: rt722-sdca-sdw: fix locking sequence (git-fixes).
* ASoC: soc-core.c: Skip dummy codec when adding platforms (stable-fixes).
* ASoC: SOF: amd: Optimize quirk for Valve Galileo (stable-fixes).
* ASoC: SOF: Intel: add default firmware library path for LNL (git-fixes).
* ASoC: SOF: Intel: hda-dsp: Skip IMR boot on ACE platforms in case of S3
suspend (stable-fixes).
* ASoC: SOF: Intel: lnl: Correct rom_status_reg (git-fixes).
* ASoC: SOF: Intel: mtl: call dsp dump when boot retry fails (stable-fixes).
* ASoC: SOF: Intel: mtl: Correct rom_status_reg (git-fixes).
* ASoC: SOF: Intel: mtl: Disable interrupts when firmware boot failed (git-
fixes).
* ASoC: SOF: Intel: mtl: Implement firmware boot state check (git-fixes).
* ASoC: SOF: ipc4-pcm: Workaround for crashed firmware on system suspend
(stable-fixes).
* ASoC: SOF: ipc4-topology: Fix input format query of process modules without
base extension (git-fixes).
* ASoC: tas2552: Add TX path for capturing AUDIO-OUT data (git-fixes).
* ASoC: tas2781: Fix a warning reported by robot kernel test (git-fixes).
* ASoC: tas2781: Fix wrong loading calibrated data sequence (git-fixes).
* ASoC: tas2781: mark dvc_tlv with __maybe_unused (git-fixes).
* ASoC: tegra: Fix DSPK 16-bit playback (git-fixes).
* ASoC: ti: Convert Pandora ASoC to GPIO descriptors (stable-fixes).
* ASoC: ti: davinci-mcasp: Fix race condition during probe (git-fixes).
* ASoC: tlv320adc3xxx: Do not strip remove function when driver is builtin
(git-fixes).
* ASoC: tracing: Export SND_SOC_DAPM_DIR_OUT to its value (git-fixes).
* ASoC: wm_adsp: Add missing MODULE_DESCRIPTION() (git-fixes).
* ASoC: wm_adsp: Fix missing mutex_lock in wm_adsp_write_ctl() (git-fixes).
* ata: libata-core: Allow command duration limits detection for ACS-4 drives
(git-fixes).
* ata: pata_legacy: make legacy_exit() work again (git-fixes).
* ata: sata_gemini: Check clk_enable() result (stable-fixes).
* ata: sata_mv: Fix PCI device ID table declaration compilation warning (git-
fixes).
* ata: sata_sx4: fix pdc20621_get_from_dimm() on 64-bit (git-fixes).
* autofs: use wake_up() instead of wake_up_interruptible(() (bsc#1224166).
* ax25: Fix netdev refcount issue (git-fixes).
* ax25: Fix reference count leak issue of net_device (git-fixes).
* ax25: Fix reference count leak issues of ax25_dev (git-fixes).
* ax25: fix use-after-free bugs caused by ax25_ds_del_timer (git-fixes).
* batman-adv: Avoid infinite loop trying to resize local TT (git-fixes).
* bitops: add missing prototype check (git-fixes).
* blk-cgroup: fix list corruption from reorder of WRITE ->lqueued
(bsc#1225605).
* blk-cgroup: fix list corruption from resetting io stat (bsc#1225605).
* block: fix q->blkg_list corruption during disk rebind (bsc#1223591).
* Bluetooth: Add new quirk for broken read key length on ATS2851 (stable-
fixes).
* Bluetooth: add quirk for broken address properties (git-fixes).
* Bluetooth: btintel: Fixe build regression (git-fixes).
* Bluetooth: btintel: Fix null ptr deref in btintel_read_version (stable-
fixes).
* Bluetooth: btusb: Add Realtek RTL8852BE support ID 0x0bda:0x4853 (stable-
fixes).
* Bluetooth: btusb: Fix triggering coredump implementation for QCA (git-
fixes).
* Bluetooth: Fix memory leak in hci_req_sync_complete() (git-fixes).
* Bluetooth: Fix TOCTOU in HCI debugfs implementation (git-fixes).
* Bluetooth: Fix type of len in {l2cap,sco}_sock_getsockopt_old() (stable-
fixes).
* Bluetooth: Fix use-after-free bugs caused by sco_sock_timeout (git-fixes).
* Bluetooth: hci_core: Cancel request on command timeout (stable-fixes).
* Bluetooth: hci_event: Fix sending HCI_OP_READ_ENC_KEY_SIZE (git-fixes).
* Bluetooth: hci_event: set the conn encrypted before conn establishes
(stable-fixes).
* Bluetooth: HCI: Fix potential null-ptr-deref (git-fixes).
* Bluetooth: hci_sock: Fix not validating setsockopt user input (git-fixes).
* Bluetooth: hci_sync: Fix not checking error on hci_cmd_sync_cancel_sync
(git-fixes).
* Bluetooth: hci_sync: Fix using the same interval and window for Coded PHY
(git-fixes).
* Bluetooth: hci_sync: Use QoS to determine which PHY to scan (stable-fixes).
* Bluetooth: ISO: Align broadcast sync_timeout with connection timeout
(stable-fixes).
* Bluetooth: ISO: Do not reject BT_ISO_QOS if parameters are unset (git-
fixes).
* Bluetooth: l2cap: Do not double set the HCI_CONN_MGMT_CONNECTED bit (git-
fixes).
* Bluetooth: L2CAP: Fix not validating setsockopt user input (git-fixes).
* Bluetooth: l2cap: fix null-ptr-deref in l2cap_chan_timeout (git-fixes).
* Bluetooth: L2CAP: Fix slab-use-after-free in l2cap_connect() (git-fixes).
* Bluetooth: MGMT: Fix failing to MGMT_OP_ADD_UUID/MGMT_OP_REMOVE_UUID
(bsc#1221504).
* Bluetooth: mgmt: Fix limited discoverable off timeout (stable-fixes).
* Bluetooth: msft: fix slab-use-after-free in msft_do_close() (git-fixes).
* Bluetooth: qca: add missing firmware sanity checks (git-fixes).
* Bluetooth: qca: fix device-address endianness (git-fixes).
* Bluetooth: qca: Fix error code in qca_read_fw_build_info() (git-fixes).
* Bluetooth: qca: fix firmware check error path (git-fixes).
* Bluetooth: qca: fix info leak when fetching fw build id (git-fixes).
* Bluetooth: qca: fix NULL-deref on non-serdev setup (git-fixes).
* Bluetooth: qca: fix NULL-deref on non-serdev suspend (git-fixes).
* Bluetooth: qca: fix NVM configuration parsing (git-fixes).
* Bluetooth: RFCOMM: Fix not validating setsockopt user input (git-fixes).
* Bluetooth: SCO: Fix not validating setsockopt user input (git-fixes).
* bnx2x: Fix firmware version string character counts (git-fixes).
* bnxt_en: Fix error recovery for RoCE ulp client (git-fixes).
* bnxt_en: Fix possible memory leak in bnxt_rdma_aux_device_init() (git-
fixes).
* bnxt_en: Reset PTP tx_avail after possible firmware reset (git-fixes).
* bnxt_re: avoid shift undefined behavior in bnxt_qplib_alloc_init_hwq (git-
fixes)
* bootconfig: Fix the kerneldoc of _xbc_exit() (git-fixes).
* bootconfig: use memblock_free_late to free xbc memory to buddy (git-fixes).
* bootmem: use kmemleak_free_part_phys in free_bootmem_page (git-fixes).
* bootmem: use kmemleak_free_part_phys in put_page_bootmem (git-fixes).
* bpf, arm64: fix bug in BPF_LDX_MEMSX (git-fixes)
* bpf, arm64: Fix incorrect runtime stats (git-fixes)
* bpf: fix precision backtracking instruction iteration (bsc#1225756).
* bpf: Fix precision tracking for BPF_ALU | BPF_TO_BE | BPF_END (git-fixes).
* bpf: handle ldimm64 properly in check_cfg() (bsc#1225756).
* bpf, scripts: Correct GPL license name (git-fixes).
* btrfs: add a helper to read the superblock metadata_uuid (git-fixes)
* btrfs: add and use helper to check if block group is used (bsc#1220120).
* btrfs: add missing mutex_unlock in btrfs_relocate_sys_chunks() (git-fixes)
* btrfs: add new unused block groups to the list of unused block groups
(bsc#1220120).
* btrfs: allow to run delayed refs by bytes to be released instead of count
(bsc#1220120).
* btrfs: always print transaction aborted messages with an error level (git-
fixes)
* btrfs: always reserve space for delayed refs when starting transaction
(bsc#1220120).
* btrfs: assert correct lock is held at btrfs_select_ref_head() (bsc#1220120).
* btrfs: assert delayed node locked when removing delayed item (git-fixes)
* btrfs: avoid starting and committing empty transaction when flushing space
(bsc#1220120).
* btrfs: avoid starting new transaction when flushing delayed items and refs
(bsc#1220120).
* btrfs: check for BTRFS_FS_ERROR in pending ordered assert (git-fixes)
* btrfs: compare the correct fsid/metadata_uuid in btrfs_validate_super (git-
fixes)
* btrfs: defrag: avoid unnecessary defrag caused by incorrect extent size
(git-fixes)
* btrfs: defrag: reject unknown flags of btrfs_ioctl_defrag_range_args (git-
fixes)
* btrfs: do not allow non subvolume root targets for snapshot (git-fixes)
* btrfs: do not arbitrarily slow down delalloc if we're committing (git-fixes)
* btrfs: do not delete unused block group if it may be used soon
(bsc#1220120).
* btrfs: do not refill whole delayed refs block reserve when starting
transaction (bsc#1220120).
* btrfs: do not start transaction when joining with TRANS_JOIN_NOSTART (git-
fixes)
* btrfs: do not steal space from global rsv after a transaction abort
(bsc#1220120).
* btrfs: do not warn if discard range is not aligned to sector (git-fixes)
* btrfs: ensure fiemap does not race with writes when FIEMAP_FLAG_SYNC is
given (bsc#1223285).
* btrfs: error out when COWing block using a stale transaction (git-fixes)
* btrfs: error out when reallocating block for defrag using a stale
transaction (git-fixes)
* btrfs: error when COWing block from a root that is being deleted (git-fixes)
* btrfs: export: handle invalid inode or root reference in btrfs_get_parent()
(git-fixes)
* btrfs: fail priority metadata ticket with real fs error (bsc#1220120).
* btrfs: file_remove_privs needs an exclusive lock in direct io write (git-
fixes)
* btrfs: fix 64bit compat send ioctl arguments not initializing version member
(git-fixes)
* btrfs: fix deadlock with fiemap and extent locking (bsc#1223285).
* btrfs: fix information leak in btrfs_ioctl_logical_to_ino() (git-fixes)
* btrfs: fix kvcalloc() arguments order in btrfs_ioctl_send() (git-fixes)
* btrfs: fix lockdep splat and potential deadlock after failure running
delayed items (git-fixes)
* btrfs: fix off-by-one chunk length calculation at contains_pending_extent()
(git-fixes)
* btrfs: fix off-by-one when checking chunk map includes logical address (git-
fixes)
* btrfs: fix race between ordered extent completion and fiemap (bsc#1223285).
* btrfs: fix race when detecting delalloc ranges during fiemap (bsc#1223285).
* btrfs: fix race when refilling delayed refs block reserve (git-fixes)
* btrfs: fix start transaction qgroup rsv double free (git-fixes)
* btrfs: fix stripe length calculation for non-zoned data chunk allocation
(bsc#1217489).
* btrfs: fix wrong block_start calculation for btrfs_drop_extent_map_range()
(git-fixes) Dropped hunk in selftests (test_case_7), 92e1229b204d6.
* btrfs: free qgroup rsv on io failure (git-fixes)
* btrfs: free the allocated memory if btrfs_alloc_page_array() fails (git-
fixes)
* btrfs: get rid of label and goto at insert_delayed_ref() (bsc#1220120).
* btrfs: handle chunk tree lookup error in btrfs_relocate_sys_chunks() (git-
fixes)
* btrfs: handle errors properly in update_inline_extent_backref() (git-fixes)
* btrfs: initialize key where it's used when running delayed data ref
(bsc#1220120).
* btrfs: log message if extent item not found when running delayed extent op
(bsc#1220120).
* btrfs: make btrfs_cleanup_fs_roots() static (bsc#1220120).
* btrfs: make btrfs_destroy_delayed_refs() return void (bsc#1220120).
* btrfs: make btrfs_destroy_marked_extents() return void (bsc#1220120).
* btrfs: make btrfs_destroy_pinned_extent() return void (bsc#1220120).
* btrfs: make error messages more clear when getting a chunk map (git-fixes)
* btrfs: make find_first_extent_bit() return a boolean (bsc#1220120).
* btrfs: make find_free_dev_extent() static (bsc#1220120).
* btrfs: make insert_delayed_ref() return a bool instead of an int
(bsc#1220120).
* btrfs: merge find_free_dev_extent() and find_free_dev_extent_start()
(bsc#1220120).
* btrfs: move btrfs_free_excluded_extents() into block-group.c (bsc#1220120).
* btrfs: open code trivial btrfs_add_excluded_extent() (bsc#1220120).
* btrfs: output extra debug info if we failed to find an inline backref (git-
fixes)
* btrfs: pass a space_info argument to btrfs_reserve_metadata_bytes()
(bsc#1220120).
* btrfs: prevent transaction block reserve underflow when starting transaction
(git-fixes)
* btrfs: print available space across all block groups when dumping space info
(bsc#1220120).
* btrfs: print available space for a block group when dumping a space info
(bsc#1220120).
* btrfs: print block group super and delalloc bytes when dumping space info
(bsc#1220120).
* btrfs: print target number of bytes when dumping free space (bsc#1220120).
* btrfs: qgroup: always free reserved space for extent records (bsc#1216196).
* btrfs: qgroup: convert PREALLOC to PERTRANS after record_root_in_trans (git-
fixes)
* btrfs: record delayed inode root in transaction (git-fixes)
* btrfs: reject encoded write if inode has nodatasum flag set (git-fixes)
* btrfs: release path before inode lookup during the ino lookup ioctl (git-
fixes)
* btrfs: remove pointless initialization at btrfs_delayed_refs_rsv_release()
(bsc#1220120).
* btrfs: remove pointless in_tree field from struct btrfs_delayed_ref_node
(bsc#1220120).
* btrfs: remove pointless 'ref_root' variable from run_delayed_data_ref()
(bsc#1220120).
* btrfs: remove redundant BUG_ON() from __btrfs_inc_extent_ref()
(bsc#1220120).
* btrfs: remove refs_to_add argument from __btrfs_inc_extent_ref()
(bsc#1220120).
* btrfs: remove refs_to_drop argument from __btrfs_free_extent()
(bsc#1220120).
* btrfs: remove the refcount warning/check at btrfs_put_delayed_ref()
(bsc#1220120).
* btrfs: remove unnecessary logic when running new delayed references
(bsc#1220120).
* btrfs: remove unnecessary prototype declarations at disk-io.c (bsc#1220120).
* btrfs: remove unused is_head field from struct btrfs_delayed_ref_node
(bsc#1220120).
* btrfs: rename add_new_free_space() to btrfs_add_new_free_space()
(bsc#1220120).
* btrfs: reorder some members of struct btrfs_delayed_ref_head (bsc#1220120).
* btrfs: reserve space for delayed refs on a per ref basis (bsc#1220120).
* btrfs: reset destination buffer when read_extent_buffer() gets invalid range
(git-fixes)
* btrfs: return -EUCLEAN for delayed tree ref with a ref count not equals to 1
(git-fixes)
* btrfs: return -EUCLEAN if extent item is missing when searching inline
backref (bsc#1220120).
* btrfs: return real error when orphan cleanup fails due to a transaction
abort (bsc#1220120).
* btrfs: send: do not issue unnecessary zero writes for trailing hole
(bsc#1222459).
* btrfs: send: ensure send_fd is writable (git-fixes)
* btrfs: send: handle path ref underflow in header iterate_inode_ref() (git-
fixes)
* btrfs: send: return EOPNOTSUPP on unknown flags (git-fixes)
* btrfs: set page extent mapped after read_folio in relocate_one_page (git-
fixes)
* btrfs: simplify check for extent item overrun at
lookup_inline_extent_backref() (bsc#1220120).
* btrfs: stop doing excessive space reservation for csum deletion
(bsc#1220120).
* btrfs: store the error that turned the fs into error state (bsc#1220120).
* btrfs: sysfs: validate scrub_speed_max value (git-fixes)
* btrfs: tree-checker: fix inline ref size in error messages (git-fixes)
* btrfs: update comment for btrfs_join_transaction_nostart() (bsc#1220120).
* btrfs: update documentation for add_new_free_space() (bsc#1220120).
* btrfs: use a bool to track qgroup record insertion when adding ref head
(bsc#1220120).
* btrfs: use a single switch statement when initializing delayed ref head
(bsc#1220120).
* btrfs: use a single variable for return value at
lookup_inline_extent_backref() (bsc#1220120).
* btrfs: use a single variable for return value at run_delayed_extent_op()
(bsc#1220120).
* btrfs: use bool type for delayed ref head fields that are used as booleans
(bsc#1220120).
* btrfs: use the correct superblock to compare fsid in btrfs_validate_super
(git-fixes)
* btrfs: use u64 for buffer sizes in the tree search ioctls (git-fixes)
* btrfs: zoned: do not skip block groups with 100% zone unusable
(bsc#1220120).
* bus: mhi: ep: check the correct variable in mhi_ep_register_controller()
(git-fixes).
* ceph: redirty page before returning AOP_WRITEPAGE_ACTIVATE (bsc#1224866).
* ceph: stop copying to iter at EOF on sync reads (bsc#1222606).
* certs: Add ECDSA signature verification self-test (bsc#1222777).
* certs: Move RSA self-test data to separate file (bsc#1222777).
* cifs: account for primary channel in the interface list (bsc#1225172).
* cifs: cifs_chan_is_iface_active should be called with chan_lock held
(bsc#1225172).
* cifs: distribute channels across interfaces based on speed (bsc#1225172).++
kernel-source.spec (revision 4)%define git_commit
596cd3fdbd0fb5902e80279485ad8596f4e82397Release: <RELEASE>.g596cd3f
* cifs: do not pass cifs_sb when trying to add channels (bsc#1225172).
* cifs: Do not use certain unnecessary folio_*() functions (bsc#1225172).
* cifs: failure to add channel on iface should bump up weight (git-fixes,
bsc#1225172).
* cifs: fix charset issue in reconnection (bsc#1225172).
* cifs: fix leak of iface for primary channel (git-fixes, bsc#1225172).
* cifs: handle cases where a channel is closed (bsc#1225172).
* cifs: handle cases where multiple sessions share connection (bsc#1225172).
* cifs: reconnect work should have reference on server struct (bsc#1225172).
* clk: Do not hold prepare_lock when calling kref_put() (stable-fixes).
* clk: Get runtime PM before walking tree during disable_unused (git-fixes).
* clk: Get runtime PM before walking tree for clk_summary (git-fixes).
* clk: Initialize struct clk_core kref earlier (stable-fixes).
* clk: mediatek: Do a runtime PM get on controllers during probe (git-fixes).
* clk: mediatek: mt8365-mm: fix DPI0 parent (git-fixes).
* clk: mediatek: pllfh: Do not log error for missing fhctl node (git-fixes).
* clk: qcom: clk-alpha-pll: fix rate setting for Stromer PLLs (git-fixes).
* clk: qcom: clk-alpha-pll: remove invalid Stromer register offset (git-
fixes).
* clk: qcom: dispcc-sm6350: fix DisplayPort clocks (git-fixes).
* clk: qcom: dispcc-sm8450: fix DisplayPort clocks (git-fixes).
* clk: qcom: dispcc-sm8550: fix DisplayPort clocks (git-fixes).
* clk: qcom: mmcc-msm8998: fix venus clock issue (git-fixes).
* clk: qcom: reset: Commonize the de/assert functions (stable-fixes).
* clk: qcom: reset: Ensure write completion on reset de/assertion (git-fixes).
* clk: Remove prepare_lock hold assertion in __clk_release() (git-fixes).
* clk: renesas: r8a779a0: Fix CANFD parent clock (git-fixes).
* clk: renesas: r9a07g043: Add clock and reset entry for PLIC (git-fixes).
* clk: rs9: fix wrong default value for clock amplitude (git-fixes).
* clk: samsung: exynosautov9: fix wrong pll clock id value (git-fixes).
* clk: Show active consumers of clocks in debugfs (stable-fixes).
* clk: sunxi-ng: h6: Reparent CPUX during PLL CPUX rate change (git-fixes).
* clocksource/drivers/arm_global_timer: Fix maximum prescaler value (git-
fixes).
* clocksource/drivers/imx: Fix -Wunused-but-set-variable warning (git-fixes).
* comedi: vmk80xx: fix incomplete endpoint checking (git-fixes).
* coresight: trbe: Add a representative coresight_platform_data for
(bsc#1220587)
* coresight: trbe: Allocate platform data per device (bsc#1220587)
* coresight: trbe: Enable ACPI based TRBE devices (bsc#1220587)
* counter: linux/counter.h: fix Excess kernel-doc description warning (git-
fixes).
* cppc_cpufreq: Fix possible null pointer dereference (git-fixes).
* cpufreq: brcmstb-avs-cpufreq: ISO C90 forbids mixed declarations (git-
fixes).
* cpufreq: exit() callback is optional (git-fixes).
* cpumask: Add for_each_cpu_from() (bsc#1225053).
* crypto: bcm - Fix pointer arithmetic (git-fixes).
* crypto: ccp - Add support for PCI device 0x156E (bsc#1223338).
* crypto: ccp - Add support for PCI device 0x17E0 (bsc#1223338).
* crypto: ccp - drop platform ifdef checks (git-fixes).
* crypto: ecc - update ecc_gen_privkey for FIPS 186-5 (bsc#1222782).
* crypto: ecdsa - Fix module auto-load on add-key (git-fixes).
* crypto: lib/mpi - Fix unexpected pointer access in mpi_ec_init (git-fixes).
* crypto: qat - Fix ADF_DEV_RESET_SYNC memory leak (git-fixes).
* crypto: qat - fix ring to service map for dcc in 4xxx (git-fixes).
* crypto: qat - improve error logging to be consistent across features (git-
fixes).
* crypto: qat - relocate and rename get_service_enabled() (stable-fixes).
* crypto: qat - specify firmware files for 402xx (git-fixes).
* crypto: rsa - add a check for allocation failure (bsc#1222775).
* crypto: rsa - allow only odd e and restrict value in FIPS mode
(bsc#1222775).
* crypto: testmgr - remove unused xts4096 and xts512 algorithms from testmgr.c
(bsc#1222769).
* crypto: x86/nh-avx2 - add missing vzeroupper (git-fixes).
* crypto: x86/sha256-avx2 - add missing vzeroupper (git-fixes).
* crypto: x86/sha512-avx2 - add missing vzeroupper (git-fixes).
* cxl/acpi: Fix load failures due to single window creation failure (git-
fixes).
* cxl/pci: Fix disabling memory if DVSEC CXL Range does not match a CFMWS
window (git-fixes).
* cxl/trace: Properly initialize cxl_poison region name (git-fixes).
* dax: alloc_dax() return ERR_PTR(-EOPNOTSUPP) for CONFIG_DAX=n
(jsc#PED-5853).
* dax/bus.c: replace driver-core lock usage by a local rwsem (jsc#PED-5853).
* dax/bus.c: replace several sprintf() with sysfs_emit() (jsc#PED-5853).
* device-dax: make dax_bus_type const (jsc#PED-5853).
* dlm: fix user space lkb refcounting (git-fixes).
* dma-buf: Fix NULL pointer dereference in sanitycheck() (git-fixes).
* dma-buf/sw-sync: do not enable IRQ from sync_print_obj() (git-fixes).
* dmaengine: axi-dmac: fix possible race in remove() (git-fixes).
* dmaengine: idma64: Add check for dma_set_max_seg_size (git-fixes).
* dmaengine: idxd: Avoid unnecessary destruction of file_ida (git-fixes).
* dmaengine: idxd: Fix oops during rmmod on single-CPU platforms (git-fixes).
* dmaengine: owl: fix register access functions (git-fixes).
* dmaengine: tegra186: Fix residual calculation (git-fixes).
* dma-mapping: benchmark: fix node id validation (git-fixes).
* dma-mapping: benchmark: handle NUMA_NO_NODE correctly (git-fixes).
* dm/amd/pm: Fix problems with reboot/shutdown for some SMU 13.0.4/13.0.11
users (git-fixes).
* dma: xilinx_dpdma: Fix locking (git-fixes).
* dm crypt: remove redundant state settings after waking up (jsc#PED-7542).
* dm-integrity: set max_integrity_segments in dm_integrity_io_hints
(jsc#PED-7542).
* dm-multipath: dont't attempt SG_IO on non-SCSI-disks (bsc#1223575).
* dm-raid: add a new helper prepare_suspend() in md_personality
(jsc#PED-7542).
* dm-raid: really frozen sync_thread during suspend (jsc#PED-7542).
* dm thin: add braces around conditional code that spans lines (jsc#PED-7542).
* dm: update relevant MODULE_AUTHOR entries to latest dm-devel mailing list
(jsc#PED-7542).
* dm verity: set DM_TARGET_SINGLETON feature flag (jsc#PED-7542).
* Docs/admin-guide/mm/damon/usage: fix wrong example of DAMOS filter matching
sysfs file (git-fixes).
* docs: kernel_include.py: Cope with docutils 0.21 (stable-fixes).
* docs: netdev: Fix typo in Signed-off-by tag (git-fixes).
* docs: Restore "smart quotes" for quotes (stable-fixes).
* driver core: Introduce device_link_wait_removal() (stable-fixes).
* drivers/nvme: Add quirks for device 126f:2262 (git-fixes).
* drm: add drm_gem_object_is_shared_for_memory_stats() helper (stable-fixes).
* drm/amd/amdgpu: Fix potential ioremap() memory leaks in amdgpu_device_init()
(stable-fixes).
* drm/amd/display: Add dml2 copy functions (stable-fixes).
* drm/amd/display: Allow dirty rects to be sent to dmub when abm is active
(stable-fixes).
* drm/amd/display: Atom Integrated System Info v2_2 for DCN35 (stable-fixes).
* drm/amd/display: Change default size for dummy plane in DML2 (stable-fixes).
* drm/amd/display: Do not recursively call manual trigger programming (stable-
fixes).
* drm/amd/display: Enable colorspace property for MST connectors (git-fixes).
* drm/amd/display: Fix bounds check for dcn35 DcfClocks (git-fixes).
* drm/amd/display: fix disable otg wa logic in DCN316 (stable-fixes).
* drm/amd/display: Fix division by zero in setup_dsc_config (stable-fixes).
* drm/amd/display: Fix idle check for shared firmware state (stable-fixes).
* drm/amd/display: Fix incorrect DSC instance for MST (stable-fixes).
* drm/amd/display: fix input states translation error for dcn35 & dcn351
(stable-fixes).
* drm/amd/display: Fix nanosec stat overflow (stable-fixes).
* drm/amd/display: Fix noise issue on HDMI AV mute (stable-fixes).
* drm/amd/display: Fix potential index out of bounds in color transformation
function (git-fixes).
* drm/amd/display: handle range offsets in VRR ranges (stable-fixes).
* drm/amd/display: Handle Y carry-over in VCP X.Y calculation (stable-fixes).
* drm/amd/display: Init DPPCLK from SMU on dcn32 (stable-fixes).
* drm/amd/display: Override min required DCFCLK in dml1_validate (stable-
fixes).
* drm/amd/display: Prevent crash when disable stream (stable-fixes).
* drm/amd/display: Program VSC SDP colorimetry for all DP sinks >= 1.4
(stable-fixes).
* drm/amd/display: Remove MPC rate control logic from DCN30 and above (stable-
fixes).
* drm/amd/display: Remove redundant condition in dcn35_calc_blocks_to_gate()
(git-fixes).
* drm/amd/display: Return the correct HDCP error code (stable-fixes).
* drm/amd/display: Set DCN351 BB and IP the same as DCN35 (stable-fixes).
* drm/amd/display: Set VSC SDP Colorimetry same way for MST and SST (stable-
fixes).
* drm/amd/display: Use freesync when `DRM_EDID_FEATURE_CONTINUOUS_FREQ` found
(stable-fixes).
* drm/amd: Flush GFXOFF requests in prepare stage (git-fixes).
* drm/amdgpu: always force full reset for SOC21 (stable-fixes).
* drm/amdgpu: amdgpu_ttm_gart_bind set gtt bound flag (stable-fixes).
* drm/amdgpu: Assign correct bits for SDMA HDP flush (stable-fixes).
* drm/amdgpu/display: Address kdoc for 'is_psr_su' in 'fill_dc_dirty_rects'
(git-fixes).
* drm/amdgpu: drop setting buffer funcs in sdma442 (git-fixes).
* drm/amdgpu: Fix comparison in amdgpu_res_cpu_visible (git-fixes).
* drm/amdgpu: fix deadlock while reading mqd from debugfs (git-fixes).
* drm/amdgpu: fix doorbell regression (git-fixes).
* drm/amdgpu: fix incorrect number of active RBs for gfx11 (stable-fixes).
* drm/amdgpu: Fix leak when GPU memory allocation fails (stable-fixes).
* drm/amdgpu: fix mmhub client id out-of-bounds access (git-fixes).
* drm/amdgpu: fix use-after-free bug (stable-fixes).
* drm/amdgpu: Fix VCN allocation in CPX partition (stable-fixes).
* drm/amdgpu: fix visible VRAM handling during faults (git-fixes).
* drm/amdgpu: implement IRQ_STATE_ENABLE for SDMA v4.4.2 (stable-fixes).
* drm/amdgpu: make damage clips support configurable (stable-fixes).
* drm/amdgpu: once more fix the call oder in amdgpu_ttm_move() v2 (git-fixes).
* drm/amdgpu/pm: Check the validity of overdiver power limit (git-fixes).
* drm/amdgpu/pm: Fix NULL pointer dereference when get power limit (git-
fixes).
* drm/amdgpu/pm: Fix the error of pwm1_enable setting (stable-fixes).
* drm/amdgpu: Refine IB schedule error logging (stable-fixes).
* drm/amdgpu: remove invalid resource->start check v2 (git-fixes).
* drm/amdgpu: Reset dGPU if suspend got aborted (stable-fixes).
* drm/amdgpu/sdma5.2: use legacy HDP flush for SDMA2/3 (stable-fixes).
* drm/amdgpu: validate the parameters of bo mapping operations more clearly
(git-fixes).
* drm/amdkfd: Check cgroup when returning DMABuf info (stable-fixes).
* drm/amdkfd: do not allow mapping the MMIO HDP page with large pages (git-
fixes).
* drm/amdkfd: Fix memory leak in create_process failure (git-fixes).
* drm/amdkfd: fix TLB flush after unmap for GFX9.4.2 (stable-fixes).
* drm/amdkfd: range check cp bad op exception interrupts (stable-fixes).
* drm/amdkfd: Reset GPU on queue preemption failure (stable-fixes).
* drm/amd/pm: fixes a random hang in S4 for SMU v13.0.4/11 (stable-fixes).
* drm/amd/swsmu: modify the gfx activity scaling (stable-fixes).
* drm/arm/malidp: fix a possible null pointer dereference (git-fixes).
* drm/ast: Fix soft lockup (git-fixes).
* drm/bridge: anx7625: Do not log an error when DSI host can't be found (git-
fixes).
* drm: bridge: cdns-mhdp8546: Fix possible null pointer dereference (git-
fixes).
* drm/bridge: dpc3433: Do not log an error when DSI host can't be found (git-
fixes).
* drm/bridge: Fix improper bridge init order with pre_enable_prev_first (git-
fixes).
* drm/bridge: icn6211: Do not log an error when DSI host can't be found (git-
fixes).
* drm/bridge: lt8912b: Do not log an error when DSI host can't be found (git-
fixes).
* drm/bridge: lt9611: Do not log an error when DSI host can't be found (git-
fixes).
* drm/bridge: lt9611uxc: Do not log an error when DSI host can't be found
(git-fixes).
* drm/bridge: tc358775: Do not log an error when DSI host can't be found (git-
fixes).
* drm/bridge: tc358775: fix support for jeida-18 and jeida-24 (git-fixes).
* drm/buddy: check range allocation matches alignment (stable-fixes).
* drm: Check output polling initialized before disabling (stable-fixes).
* drm: Check polling initialized before enabling in
drm_helper_probe_single_connector_modes (stable-fixes).
* drm/client: Fully protect modes[] with dev->mode_config.mutex (stable-
fixes).
* drm/connector: Add \n to message about demoting connector force-probes (git-
fixes).
* drm/display: fix typo (git-fixes).
* drm/exynos: do not return negative values from .get_modes() (stable-fixes).
* drm/fbdev-generic: Do not set physical framebuffer address (git-fixes).
* drm: Fix drm_fixp2int_round() making it add 0.5 (git-fixes).
* drm/gma500: Remove lid code (git-fixes).
* drm/i915/audio: Fix audio time stamp programming for DP (stable-fixes).
* drm/i915/bios: Fix parsing backlight BDB data (git-fixes).
* drm/i915/bios: Tolerate devdata==NULL in
intel_bios_encoder_supports_dp_dual_mode() (stable-fixes).
* drm/i915/cdclk: Fix CDCLK programming order when pipes are active (git-
fixes).
* drm/i915: Disable live M/N updates when using bigjoiner (stable-fixes).
* drm/i915: Disable port sync when bigjoiner is used (stable-fixes).
* drm/i915/display: Use i915_gem_object_get_dma_address to get dma address
(stable-fixes).
* drm/i915: Do not match JSL in ehl_combo_pll_div_frac_wa_needed() (git-
fixes).
* drm/i915/dp: Fix the computation for compressed_bpp for DISPLAY < 13
(git-fixes).
* drm/i915/dp: Remove support for UHBR13.5 (git-fixes).
* drm/i915/dpt: Make DPT object unshrinkable (git-fixes).
* drm/i915/dsb: Fix DSB vblank waits when using VRR (git-fixes).
* drm/i915/dsi: Go back to the previous INIT_OTP/DISPLAY_ON order, mostly
(git-fixes).
* drm/i915: Fix audio component initialization (git-fixes).
* drm/i915/gt: Automate CCS Mode setting during engine resets (git-fixes).
* drm/i915/gt: Disable HW load balancing for CCS (git-fixes).
* drm/i915/gt: Disarm breadcrumbs if engines are already idle (git-fixes).
* drm/i915/gt: Do not generate the command streamer for all the CCS (git-
fixes).
* drm/i915/gt: Enable only one CCS for compute workload (git-fixes).
* drm/i915/gt: Fix CCS id's calculation for CCS mode setting (git-fixes).
* drm/i915/gt: Reset queue_priority_hint on parking (git-fixes).
* drm/i915/guc: avoid FIELD_PREP warning (git-fixes).
* drm/i915/hwmon: Fix locking inversion in sysfs getter (git-fixes).
* drm/i915: Include the PLL name in the debug messages (stable-fixes).
* drm/i915/lspcon: Separate function to set expected mode (bsc#1193599).
* drm/i915/lspcon: Separate lspcon probe and lspcon init (bsc#1193599).
* drm/i915/mst: Limit MST+DSC to TGL+ (git-fixes).
* drm/i915/mst: Reject FEC+MST on ICL (git-fixes).
* drm/i915: Pre-populate the cursor physical dma address (git-fixes).
* drm/i915: Replace a memset() with zero initialization (stable-fixes).
* drm/i915: Stop printing pipe name as hex (stable-fixes).
* drm/i915: Suppress old PLL pipe_mask checks for MG/TC/TBT PLLs (stable-
fixes).
* drm/i915: Try to preserve the current shared_dpll for fastset on type-c
ports (stable-fixes).
* drm/i915: Use named initializers for DPLL info (stable-fixes).
* drm/i915/vrr: Disable VRR when using bigjoiner (stable-fixes).
* drm/i915/vrr: Generate VRR "safe window" for DSB (git-fixes).
* drm/imx/ipuv3: do not return negative values from .get_modes() (stable-
fixes).
* drm/lcdif: Do not disable clocks on already suspended hardware (git-fixes).
* drm/mediatek: Add 0 size check to mtk_drm_gem_obj (git-fixes).
* drm/mediatek: dp: Fix mtk_dp_aux_transfer return value (git-fixes).
* drm/mediatek: Init `ddp_comp` with devm_kcalloc() (git-fixes).
* drm/meson: dw-hdmi: add bandgap setting for g12 (git-fixes).
* drm/meson: dw-hdmi: power up phy on device init (git-fixes).
* drm/meson: gate px_clk when setting rate (git-fixes).
* drm/meson: vclk: fix calculation of 59.94 fractional rates (git-fixes).
* drm/msm/a6xx: Avoid a nullptr dereference when speedbin setting fails (git-
fixes).
* drm/msm: Add newlines to some debug prints (git-fixes).
* drm/msm/adreno: fix CP cycles stat retrieval on a7xx (git-fixes).
* drm/msm/dp: allow voltage swing / pre emphasis of 3 (git-fixes).
* drm/msm/dp: Avoid a long timeout for AUX transfer if nothing connected (git-
fixes).
* drm/msm/dp: fix typo in dp_display_handle_port_status_changed() (git-fixes).
* drm/msm/dpu: Add callback function pointer check before its call (git-
fixes).
* drm/msm/dpu: Allow configuring multiple active DSC blocks (git-fixes).
* drm/msm/dpu: Always flush the slave INTF on the CTL (git-fixes).
* drm/msm/dpu: do not allow overriding data from catalog (git-fixes).
* drm/msm/dpu: make error messages at dpu_core_irq_register_callback() more
sensible (git-fixes).
* drm/msm/dpu: use devres-managed allocation for MDP TOP (stable-fixes).
* drm/msm/dsi: Print dual-DSI-adjusted pclk instead of original mode pclk
(git-fixes).
* drm/nouveau/disp: Fix missing backlight control on Macbook 5, 1
(bsc#1223838).
* drm/nouveau/dp: Do not probe eDP ports twice harder (stable-fixes).
* drm/nouveau/dp: Fix incorrect return code in r535_dp_aux_xfer() (git-fixes).
* drm/nouveau/firmware: Fix SG_DEBUG error with nvkm_firmware_ctor() (stable-
fixes).
* drm/nouveau: use tile_mode and pte_kind for VM_BIND bo allocations (git-
fixes).
* drm: nv04: Fix out of bounds access (git-fixes).
* drm/omapdrm: Fix console by implementing fb_dirty (git-fixes).
* drm/panel: do not return negative error codes from drm_panel_get_modes()
(stable-fixes).
* drm/panel: ili9341: Respect deferred probe (git-fixes).
* drm/panel: ili9341: Use predefined error codes (git-fixes).
* drm/panel: ltk050h3146w: add MIPI_DSI_MODE_VIDEO to LTK050H3148W flags (git-
fixes).
* drm/panel: ltk050h3146w: drop duplicate commands from LTK050H3148W init
(git-fixes).
* drm/panel: novatek-nt35950: Do not log an error when DSI host can't be found
(git-fixes).
* drm: panel-orientation-quirks: Add quirk for GPD Win Mini (stable-fixes).
* drm/panel: simple: Add missing Innolux G121X1-L03 format, flags, connector
(git-fixes).
* drm/panel: sitronix-st7789v: fix display size for jt240mhqs_hwt_ek_e3 panel
(git-fixes).
* drm/panel: sitronix-st7789v: fix timing for jt240mhqs_hwt_ek_e3 panel (git-
fixes).
* drm/panel: sitronix-st7789v: tweak timing for jt240mhqs_hwt_ek_e3 panel
(git-fixes).
* drm/panel: visionox-rm69299: do not unregister DSI device (git-fixes).
* drm/panfrost: fix power transition timeout warnings (git-fixes).
* drm/panfrost: Fix the error path in panfrost_mmu_map_fault_addr() (git-
fixes).
* drm/prime: Unbreak virtgpu dma-buf export (git-fixes).
* drm/probe-helper: warn about negative .get_modes() (stable-fixes).
* drm/qxl: remove unused `count` variable from `qxl_surface_id_alloc()` (git-
fixes).
* drm/qxl: remove unused variable from `qxl_process_single_command()` (git-
fixes).
* drm/radeon: make -fstrict-flex-arrays=3 happy (git-fixes).
* drm/radeon: silence UBSAN warning (v3) (stable-fixes).
* drm/rockchip: vop2: Do not divide height twice for YUV (git-fixes).
* drm/rockchip: vop2: Remove AR30 and AB30 format support (git-fixes).
* drm/sched: fix null-ptr-deref in init entity (git-fixes).
* drm/shmem-helper: Fix BUG_ON() on mmap(PROT_WRITE, MAP_PRIVATE) (git-fixes).
* drm/ttm: return ENOSPC from ttm_bo_mem_space v3 (stable-fixes).
* drm/ttm: stop pooling cached NUMA pages v2 (git-fixes).
* drm/vc4: do not check if plane->state->fb == state->fb (stable-fixes).
* drm: vc4: Fix possible null pointer dereference (git-fixes).
* drm/vc4: hdmi: do not return negative values from .get_modes() (stable-
fixes).
* drm/vmwgfx: Create debugfs ttm_resource_manager entry only if needed (git-
fixes).
* drm/vmwgfx: Enable DMA mappings with SEV (git-fixes).
* drm/vmwgfx: Fix crtc's atomic check conditional (git-fixes).
* drm/vmwgfx: Fix invalid reads in fence signaled events (git-fixes).
* drm/vmwgfx: Fix Legacy Display Unit (git-fixes).
* drm/vmwgfx: Fix prime import/export (git-fixes).
* drm/vmwgfx: Sort primary plane formats by order of preference (git-fixes).
* drm: zynqmp_dpsub: Always register bridge (git-fixes).
* dt-bindings: clock: qcom: Add missing UFS QREF clocks (git-fixes)
* dump_stack: Do not get cpu_sync for panic CPU (bsc#1225607).
* dyndbg: fix old BUG_ON in >control parser (stable-fixes).
* e1000e: Minor flow correction in e1000_shutdown function (git-fixes).
* e1000e: move force SMBUS from enable ulp function to avoid PHY loss issue
(git-fixes).
* e1000e: Workaround for sporadic MDI error on Meteor Lake systems (git-
fixes).
* ecryptfs: Fix buffer size for tag 66 packet (git-fixes)
* ecryptfs: Reject casefold directory inodes (git-fixes)
* EDAC/synopsys: Fix ECC status and IRQ control race condition (git-fixes).
* Edit "amdkfd: use calloc instead of kzalloc to avoid integer overflow"
Reference CVE and bug numbers.
* efi: disable mirror feature during crashkernel (stable-fixes).
* efi: fix panic in kdump kernel (git-fixes).
* efi: libstub: only free priv.runtime_map when allocated (git-fixes).
* efi/unaccepted: do not let /proc/vmcore try to access unaccepted memory
(git-fixes).
* efi/unaccepted: touch soft lockup during memory accept (git-fixes).
* Enable CONFIG_FIPS_SIGNATURE_SELFTEST (bsc#1222771)
* Enable new CONFIG_FIPS_SIGNATURE_SELFTEST_ECDSA.
* Enable new CONFIG_FIPS_SIGNATURE_SELFTEST_RSA.
* extcon: max8997: select IRQ_DOMAIN instead of depending on it (git-fixes).
* fast_dput(): handle underflows gracefully (git-fixes)
* fat: fix uninitialized field in nostale filehandles (git-fixes)
* fbdev: fix incorrect address computation in deferred IO (git-fixes).
* fbdev: savage: Handle err return when savagefb_check_var failed (git-fixes).
* fbdev: sh7760fb: allow modular build (git-fixes).
* fbdev: shmobile: fix snprintf truncation (git-fixes).
* fbdev: sisfb: hide unused variables (git-fixes).
* fbdev: viafb: fix typo in hw_bitblt_1 and hw_bitblt_2 (stable-fixes).
* fbmon: prevent division by zero in fb_videomode_from_videomode() (stable-
fixes).
* firewire: core: use long bus reset on gap count error (stable-fixes).
* firewire: ohci: mask bus reset interrupts between ISR and bottom half
(stable-fixes).
* firmware: arm_scmi: Make raw debugfs entries non-seekable (git-fixes).
* firmware: dmi-id: add a release callback function (git-fixes).
* firmware: raspberrypi: Use correct device for DMA mappings (git-fixes).
* firmware: tegra: bpmp: Return directly after a failed kzalloc() in
get_filename() (stable-fixes).
* Fix a potential infinite loop in extract_user_to_sg() (git-fixes).
* Fix build errors due to new UIO_MEM_DMA_COHERENT mess (git-fixes).
* fs/9p: only translate RWX permissions for plain 9P2000 (git-fixes)
* fs/9p: translate O_TRUNC into OTRUNC (git-fixes)
* fs: Fix error checking for d_hash_and_lookup() (git-fixes)
* fs: indicate request originates from old mount API (git-fixes)
* fs: relax mount_setattr() permission checks (git-fixes)
* fsverity: skip PKCS#7 parser when keyring is empty (git-fixes)
* ftrace: Fix possible use-after-free issue in ftrace_location() (git-fixes).
* fuse: do not unhash root (bsc#1223946).
* fuse: fix root lookup with nonzero generation (bsc#1223945).
* geneve: fix header validation in geneve[6]_xmit_skb (git-fixes).
* geneve: make sure to pull inner header in geneve_rx() (git-fixes).
* gpio: cdev: check for NULL labels when sanitizing them for irqs (git-fixes).
* gpio: cdev: fix missed label sanitizing in debounce_setup() (git-fixes).
* gpio: cdev: sanitize the label before requesting the interrupt (stable-
fixes).
* gpio: crystalcove: Use -ENOTSUPP consistently (stable-fixes).
* gpiolib: cdev: fix uninitialised kfifo (git-fixes).
* gpiolib: cdev: relocate debounce_period_us from struct gpio_desc (stable-
fixes).
* gpiolib: swnode: Remove wrong header inclusion (git-fixes).
* gpio: tangier: Use correct type for the IRQ chip data (git-fixes).
* gpio: tegra186: Fix tegra186_gpio_is_accessible() check (git-fixes).
* gpio: wcove: Use -ENOTSUPP consistently (stable-fixes).
* gpu: host1x: Do not setup DMA for virtual devices (stable-fixes).
* gtp: fix use-after-free and null-ptr-deref in gtp_newlink() (git-fixes).
* HID: amd_sfh: Handle "no sensors" in PM operations (git-fixes).
* HID: i2c-hid: remove I2C_HID_READ_PENDING flag to prevent lock-up (git-
fixes).
* HID: input: avoid polling stylus battery on Chromebook Pompom (stable-
fixes).
* HID: intel-ish-hid: ipc: Add check for pci_alloc_irq_vectors (git-fixes).
* HID: intel-ish-hid: ipc: Fix dev_err usage with uninitialized dev->devc
(git-fixes).
* HID: logitech-dj: allow mice to use all types of reports (git-fixes).
* HID: multitouch: Add required quirk for Synaptics 0xcddc device (stable-
fixes).
* hwmon: (amc6821) add of_match table (stable-fixes).
* hwmon: (corsair-cpro) Protect ccp->wait_input_report with a spinlock (git-
fixes).
* hwmon: (corsair-cpro) Use a separate buffer for sending commands (git-
fixes).
* hwmon: (corsair-cpro) Use complete_all() instead of complete() in
ccp_raw_event() (git-fixes).
* hwmon: (intel-m10-bmc-hwmon) Fix multiplier for N6000 board power sensor
(git-fixes).
* hwmon: (lm70) fix links in doc and comments (git-fixes).
* hwmon: (pmbus/ucd9000) Increase delay from 250 to 500us (git-fixes).
* hwmon: (shtc1) Fix property misspelling (git-fixes).
* hwtracing: hisi_ptt: Move type check to the beginning of
hisi_ptt_pmu_event_init() (git-fixes).
* i2c: acpi: Unbind mux adapters before delete (git-fixes).
* i2c: cadence: Avoid fifo clear after start (git-fixes).
* i2c: pxa: hide unused icr_bits[] variable (git-fixes).
* i2c: smbus: fix NULL function pointer dereference (git-fixes).
* i2c: synquacer: Fix an error handling path in synquacer_i2c_probe() (git-
fixes).
* i3c: master: svc: change ENXIO to EAGAIN when IBI occurs during start frame
(git-fixes).
* i3c: master: svc: fix invalidate IBI type and miss call client IBI handler
(git-fixes).
* i40e: disable NAPI right after disabling irqs when handling xsk_pool (git-
fixes).
* i40e: Enforce software interrupt during busy-poll exit (git-fixes).
* i40e: Fix firmware version comparison function (git-fixes).
* i40e: fix i40e_count_filters() to count only active/new filters (git-fixes).
* i40e: Fix VF MAC filter removal (git-fixes).
* i40e: fix vf may be used uninitialized in this function warning (git-fixes).
* i915: make inject_virtual_interrupt() void (stable-fixes).
* IB/mlx5: Use __iowrite64_copy() for write combining stores (git-fixes)
* ice: fix enabling RX VLAN filtering (git-fixes).
* ice: fix memory corruption bug with suspend and rebuild (git-fixes).
* ice: fix stats being updated by way too large values (git-fixes).
* ice: fix typo in assignment (git-fixes).
* ice: fix uninitialized dplls mutex usage (git-fixes).
* ice: reconfig host after changing MSI-X on VF (git-fixes).
* ice: Refactor FW data type and fix bitmap casting issue (git-fixes).
* ice: reorder disabling IRQ and NAPI in ice_qp_dis (git-fixes).
* ice: use relative VSI index for VFs instead of PF VSI number (git-fixes).
* ice: virtchnl: stop pretending to support RSS over AQ or registers (git-
fixes).
* ida: make 'ida_dump' static (git-fixes).
* idma64: Do not try to serve interrupts when device is powered off (git-
fixes).
* idpf: disable local BH when scheduling napi for marker packets (git-fixes).
* idpf: extend tx watchdog timeout (bsc#1224137).
* idpf: fix kernel panic on unknown packet types (git-fixes).
* igb: extend PTP timestamp adjustments to i211 (git-fixes).
* igb: Fix missing time sync events (git-fixes).
* igc: avoid returning frame twice in XDP_REDIRECT (git-fixes).
* igc: Fix missing time sync events (git-fixes).
* igc: Remove stale comment about Tx timestamping (git-fixes).
* iio: accel: mxc4005: Interrupt handling fixes (git-fixes).
* iio: adc: stm32: Fixing err code to not indicate success (git-fixes).
* iio: core: Leave private pointer NULL when no private data supplied (git-
fixes).
* iio: dummy_evgen: remove Excess kernel-doc comments (git-fixes).
* iio: gts-helper: Fix division loop (git-fixes).
* iio:imu: adis16475: Fix sync mode setting (git-fixes).
* iio: pressure: dps310: support negative temperature values (git-fixes).
* iio: pressure: Fixes BME280 SPI driver data (git-fixes).
* inet_diag: annotate data-races around inet_diag_table[] (git-fixes).
* inet: frags: eliminate kernel-doc warning (git-fixes).
* init/main.c: Fix potential static_command_line memory overflow (git-fixes).
* init: open /initrd.image with O_LARGEFILE (stable-fixes).
* Input: allocate keycode for Display refresh rate toggle (stable-fixes).
* Input: cyapa - add missing input core locking to suspend/resume functions
(git-fixes).
* Input: gpio_keys_polled - suppress deferred probe error for gpio (stable-
fixes).
* Input: imagis - use FIELD_GET where applicable (stable-fixes).
* Input: ims-pcu - fix printf string overflow (git-fixes).
* Input: pm8xxx-vibrator - correct VIB_MAX_LEVELS calculation (git-fixes).
* Input: synaptics-rmi4 - fail probing if memory allocation for "phys" fails
(stable-fixes).
* input/touchscreen: imagis: Correct the maximum touch area value (stable-
fixes).
* Input: xpad - add additional HyperX Controller Identifiers (stable-fixes).
* Input: xpad - add support for Snakebyte GAMEPADs (stable-fixes).
* intel: legacy: Partial revert of field get conversion (git-fixes).
* interconnect: qcom: osm-l3: Replace custom implementation of COUNT_ARGS()
(git-fixes).
* interconnect: qcom: qcm2290: Fix mas_snoc_bimc QoS port assignment (git-
fixes).
* interconnect: qcom: sc8180x: Mark CO0 BCM keepalive (git-fixes).
* interconnect: qcom: sm8550: Enable sync_state (git-fixes).
* iomap: clear the per-folio dirty bits on all writeback failures (git-fixes)
* iommu/arm-smmu-v3: Check that the RID domain is S1 in SVA (git-fixes).
* iommu/dma: Force swiotlb_max_mapping_size on an untrusted device
(bsc#1224331)
* iommu/dma: Trace bounce buffer usage when mapping buffers (git-fixes).
* iommufd: Add missing IOMMUFD_DRIVER kconfig for the selftest (git-fixes).
* iommufd: Fix iopt_access_list_id overwrite bug (git-fixes).
* iommufd/iova_bitmap: Bounds check mapped::pages access (git-fixes).
* iommufd/iova_bitmap: Consider page offset for the pages to be pinned (git-
fixes).
* iommufd/iova_bitmap: Switch iova_bitmap::bitmap to an u8 array (git-fixes).
* iommufd: Reject non-zero data_type if no data_len is provided (git-fixes).
* iommu: Map reserved memory as cacheable if device is coherent (git-fixes).
* iommu/vt-d: Allocate local memory for page request queue (git-fixes).
* iommu/vt-d: Fix wrong use of pasid config (git-fixes).
* iommu/vt-d: Set SSADE when attaching to a parent with dirty tracking (git-
fixes).
* iommu/vt-d: Update iotlb in nested domain attach (git-fixes).
* ionic: set adminq irq affinity (git-fixes).
* io_uring: kabi cookie remove (bsc#1217384).
* ipv4: annotate data-races around fi->fib_dead (git-fixes).
* irqchip/alpine-msi: Fix off-by-one in allocation error path (git-fixes).
* irqchip/armada-370-xp: Suppress unused-function warning (git-fixes).
* irqchip/gic-v3-its: Do not assume vPE tables are preallocated (git-fixes).
* irqchip/gic-v3-its: Fix VSYNC referencing an unmapped VPE on GIC v4.1 (git-
fixes).
* irqchip/gic-v3-its: Prevent double free on error (git-fixes).
* irqchip/loongson-pch-msi: Fix off-by-one on allocation error path (git-
fixes).
* irqchip/mbigen: Do not use bus_get_dev_root() to find the parent (git-
fixes).
* irqchip/renesas-rzg2l: Add macro to retrieve TITSR register offset based on
register's index (stable-fixes).
* irqchip/renesas-rzg2l: Flush posted write in irq_eoi() (git-fixes).
* irqchip/renesas-rzg2l: Implement restriction when writing ISCR register
(stable-fixes).
* irqchip/renesas-rzg2l: Prevent spurious interrupts when setting trigger type
(git-fixes).
* irqchip/renesas-rzg2l: Rename rzg2l_irq_eoi() (stable-fixes).
* irqchip/renesas-rzg2l: Rename rzg2l_tint_eoi() (stable-fixes).
* ixgbe: avoid sleeping allocation in ixgbe_ipsec_vf_add_sa() (git-fixes).
* ixgbe: {dis, en}able irqs in ixgbe_txrx_ring_{dis, en}able (git-fixes).
* jffs2: prevent xattr node from overflowing the eraseblock (git-fixes).
* kABI: Adjust trace_iterator.wait_index (git-fixes).
* kABI fix of KVM: x86/pmu: Allow programming events that match unsupported
arch events (bsc#1225696).
* kABI fix of KVM: x86: Snapshot if a vCPU's vendor model is AMD vs. Intel
compatible (git-fixes).
* kabi fix of perf/x86/intel: Expose existence of callback support to KVM (git
fixes).
* kabi/severities: ignore brcmfmac-specific local symbols
* kabi/severities: ignore IMS functions They were dropped in previous patches.
Noone is supposed to use them.
* kabi/severities: ignore TAS2781 symbol drop, it's only locally used
* kabi/severities: ignore Wangxun ethernet driver local symbols
* kabi/severities: Remove mitigation-related symbols Those are used by the
core kernel to implement CPU vulnerabilities mitigation and are not expected
to be consumed by 3rd party users.
* kABI workaround for cs35l56 (git-fixes).
* kABI workaround for of driver changes (git-fixes).
* kasan: disable kasan_non_canonical_hook() for HW tags (git-fixes).
* kasan, fortify: properly rename memintrinsics (git-fixes).
* kasan: print the original fault addr when access invalid shadow (git-fixes).
* kasan/test: avoid gcc warning for intentional overflow (git-fixes).
* kbuild: Move -Wenum-{compare-conditional,enum-conversion} into W=1 (stable-
fixes).
* kconfig: fix infinite loop when expanding a macro at the end of file (git-
fixes).
* kexec: do syscore_shutdown() in kernel_kexec (git-fixes).
* KEYS: trusted: Do not use WARN when encode fails (git-fixes).
* KEYS: trusted: Fix memory leak in tpm2_key_encode() (git-fixes).
* kprobes: Fix possible use-after-free issue on kprobe registration (git-
fixes).
* kselftest: Add a ksft_perror() helper (stable-fixes).
* kunit/fortify: Fix mismatched kvalloc()/vfree() usage (git-fixes).
* KVM: nVMX: Clear EXIT_QUALIFICATION when injecting an EPT Misconfig (git-
fixes).
* KVM: s390: Check kvm pointer when testing KVM_CAP_S390_HPAGE_1M (git-fixes
bsc#1224790).
* KVM: SVM: Add support for allowing zero SEV ASIDs (git-fixes).
* KVM: SVM: Flush pages under kvm->lock to fix UAF in
svm_register_enc_region() (git-fixes).
* KVM: SVM: Use unsigned integers when dealing with ASIDs (git-fixes).
* KVM: VMX: Disable LBR virtualization if the CPU does not support LBR
callstacks (git-fixes).
* KVM: VMX: Report up-to-date exit qualification to userspace (git-fixes).
* KVM: x86: Allow, do not ignore, same-value writes to immutable MSRs (git-
fixes).
* KVM: x86: Fix broken debugregs ABI for 32 bit kernels (git-fixes).
* KVM: x86: Fully re-initialize supported_mce_cap on vendor module load (git-
fixes).
* KVM: x86: Introduce __kvm_get_hypervisor_cpuid() helper (git-fixes).
* KVM: x86: Mark target gfn of emulated atomic instruction as dirty (git-
fixes).
* KVM: x86/mmu: Do not force emulation of L2 accesses to non-APIC internal
slots (git-fixes).
* KVM: x86/mmu: Move private vs. shared check above slot validity checks (git-
fixes).
* KVM: x86/mmu: Restrict KVM_SW_PROTECTED_VM to the TDP MMU (git-fixes).
* KVM: x86/mmu: Write-protect L2 SPTEs in TDP MMU when clearing dirty status
(git-fixes).
* KVM: x86: Only set APICV_INHIBIT_REASON_ABSENT if APICv is enabled (git-
fixes).
* KVM: x86/pmu: Allow programming events that match unsupported arch events
(git-fixes).
* KVM: x86/pmu: Always treat Fixed counters as available when supported (git-
fixes).
* KVM: x86/pmu: Apply "fast" RDPMC only to Intel PMUs (git-fixes).
* KVM: x86/pmu: Disable support for adaptive PEBS (git-fixes).
* KVM: x86/pmu: Disallow "fast" RDPMC for architectural Intel PMUs (git-
fixes).
* KVM: x86/pmu: Do not ignore bits 31:30 for RDPMC index on AMD (git-fixes).
* KVM: x86/pmu: Do not mask LVTPC when handling a PMI on AMD platforms (git-
fixes).
* KVM: x86/pmu: Explicitly check NMI from guest to reducee false positives
(git-fixes).
* KVM: x86/pmu: Prioritize VMX interception over #GP on RDPMC due to bad index
(git-fixes).
* KVM: x86/pmu: Set enable bits for GP counters in PERF_GLOBAL_CTRL at "RESET"
(git-fixes).
* KVM: x86/pmu: Zero out PMU metadata on AMD if PMU is disabled (git-fixes).
* KVM: x86: Snapshot if a vCPU's vendor model is AMD vs. Intel compatible
(git-fixes).
* KVM: x86: Update KVM_SW_PROTECTED_VM docs to make it clear they're a WIP
(git-fixes).
* KVM: x86: Use actual kvm_cpuid.base for clearing KVM_FEATURE_PV_UNHALT (git-
fixes).
* KVM: x86/xen: fix recursive deadlock in timer injection (git-fixes).
* KVM: x86/xen: improve accuracy of Xen timers (git-fixes).
* KVM: x86/xen: inject vCPU upcall vector when local APIC is enabled (git-
fixes).
* KVM: x86/xen: remove WARN_ON_ONCE() with false positives in evtchn delivery
(git-fixes).
* leds: pwm: Disable PWM when going to suspend (git-fixes).
* libnvdimm: Fix ACPI_NFIT in BLK_DEV_PMEM help (jsc#PED-5853).
* libperf evlist: Avoid out-of-bounds access (git-fixes).
* libsubcmd: Fix parse-options memory leak (git-fixes).
* lib/test_hmm.c: handle src_pfns and dst_pfns allocation failure (git-fixes).
* livepatch: Fix missing newline character in klp_resolve_symbols()
(bsc#1223539).
* locks: fix KASAN: use-after-free in trace_event_raw_event_filelock_lock
(git-fixes)
* lsm: fix the logic in security_inode_getsecctx() (git-fixes).
* mac802154: fix llsec key resources release in mac802154_llsec_key_del (git-
fixes).
* maple_tree: fix mas_empty_area_rev() null pointer dereference (git-fixes).
* md: add a new helper rdev_has_badblock() (jsc#PED-7542).
* md: add a new helper reshape_interrupted() (jsc#PED-7542).
* md: changed the switch of RAID_VERSION to if (jsc#PED-7542).
* md: check mddev->pers before calling md_set_readonly() (jsc#PED-7542).
* md: clean up invalid BUG_ON in md_ioctl (jsc#PED-7542).
* md: clean up openers check in do_md_stop() and md_set_readonly()
(jsc#PED-7542).
* md/dm-raid: do not call md_reap_sync_thread() directly (jsc#PED-7542).
* md: Do not clear MD_CLOSING when the raid is about to stop (jsc#PED-7542).
* md: do not clear MD_RECOVERY_FROZEN for new dm-raid until resume
(jsc#PED-7542).
* md: export helper md_is_rdwr() (jsc#PED-7542).
* md: export helpers to stop sync_thread (jsc#PED-7542).
* md: factor out a helper to sync mddev (jsc#PED-7542).
* md: fix kmemleak of rdev->serial (jsc#PED-7542).
* md: get rdev->mddev with READ_ONCE() (jsc#PED-7542).
* md: merge the check of capabilities into md_ioctl_valid() (jsc#PED-7542).
* md: preserve KABI in struct md_personality (jsc#PED-7542).
* md/raid1-10: add a helper raid1_check_read_range() (jsc#PED-7542).
* md/raid1-10: factor out a new helper raid1_should_read_first()
(jsc#PED-7542).
* md/raid1: factor out choose_bb_rdev() from read_balance() (jsc#PED-7542).
* md/raid1: factor out choose_slow_rdev() from read_balance() (jsc#PED-7542).
* md/raid1: factor out helpers to add rdev to conf (jsc#PED-7542).
* md/raid1: factor out helpers to choose the best rdev from read_balance()
(jsc#PED-7542).
* md/raid1: factor out read_first_rdev() from read_balance() (jsc#PED-7542).
* md/raid1: factor out the code to manage sequential IO (jsc#PED-7542).
* md/raid1: fix choose next idle in read_balance() (jsc#PED-7542).
* md/raid1: record nonrot rdevs while adding/removing rdevs to conf
(jsc#PED-7542).
* md: remove redundant check of 'mddev->sync_thread' (jsc#PED-7542).
* md: remove redundant md_wakeup_thread() (jsc#PED-7542).
* md: return directly before setting did_set_md_closing (jsc#PED-7542).
* md: sync blockdev before stopping raid or setting readonly (jsc#PED-7542).
* md: use RCU lock to protect traversal in md_spares_need_change()
(jsc#PED-7542).
* media: atomisp: ssh_css: Fix a null-pointer dereference in
load_video_binaries (git-fixes).
* media: cadence: csi2rx: use match fwnode for media link (git-fixes).
* media: cec: core: remove length check of Timer Status (stable-fixes).
* media: dt-bindings: ovti,ov2680: Fix the power supply names (git-fixes).
* media: flexcop-usb: fix sanity check of bNumEndpoints (git-fixes).
* media: i2c: et8ek8: Do not strip remove function when driver is builtin
(git-fixes).
* media: ipu3-cio2: Request IRQ earlier (git-fixes).
* media: mc: Fix flags handling when creating pad links (stable-fixes).
* media: mc: Fix graph walk in media_pipeline_start (git-fixes).
* media: mc: mark the media devnode as registered from the, start (git-fixes).
* media: mc: Rename pad variable to clarify intent (stable-fixes).
* media: ngene: Add dvb_ca_en50221_init return value check (git-fixes).
* media: rcar-vin: work around -Wenum-compare-conditional warning (git-fixes).
* media: rkisp1: Fix IRQ handling due to shared interrupts (stable-fixes).
* media: sta2x11: fix irq handler cast (stable-fixes).
* media: stk1160: fix bounds checking in stk1160_copy_video() (git-fixes).
* media: sunxi: a83-mips-csi2: also select GENERIC_PHY (git-fixes).
* media: uvcvideo: Add quirk for Logitech Rally Bar (git-fixes).
* media: v4l2-subdev: Fix stream handling for crop API (git-fixes).
* media: v4l: Do not turn on privacy LED if streamon fails (git-fixes).
* mei: me: add arrow lake point H DID (stable-fixes).
* mei: me: add arrow lake point S DID (stable-fixes).
* mei: me: add lunar lake point M DID (stable-fixes).
* mei: me: disable RPL-S on SPS and IGN firmwares (git-fixes).
* mlxbf_gige: call request_irq() after NAPI initialized (git-fixes).
* mlxbf_gige: stop interface during shutdown (git-fixes).
* mlxbf_gige: stop PHY during open() error paths (git-fixes).
* mlxsw: Use refcount_t for reference counting (git-fixes).
* mmc: core: Add HS400 tuning in HS400es initialization (stable-fixes).
* mmc: core: Avoid negative index with array access (git-fixes).
* mmc: core: Initialize mmc_blk_ioc_data (git-fixes).
* mmc: davinci: Do not strip remove function when driver is builtin (git-
fixes).
* mmc: omap: fix broken slot switch lookup (git-fixes).
* mmc: omap: fix deferred probe (git-fixes).
* mmc: omap: restore original power up/down steps (git-fixes).
* mmc: sdhci_am654: Add ITAPDLYSEL in sdhci_j721e_4bit_set_clock (git-fixes).
* mmc: sdhci_am654: Add OTAP/ITAP delay enable (git-fixes).
* mmc: sdhci_am654: Add tuning algorithm for delay chain (git-fixes).
* mmc: sdhci_am654: Fix ITAPDLY for HS400 timing (git-fixes).
* mmc: sdhci_am654: Write ITAPDLY for DDR52 timing (git-fixes).
* mmc: sdhci-msm: pervent access to suspended controller (git-fixes).
* mmc: sdhci-omap: re-tuning is needed after a pm transition to support emmc
HS200 mode (git-fixes).
* mm_init kABI workaround (git-fixes).
* mm: memcg: do not periodically flush stats when memcg is disabled
(bsc#1222525).
* mm: memcg: use larger batches for proactive reclaim (bsc#1222522).
* mm,page_owner: check for null stack_record before bumping its refcount
(bsc#1222366).
* mm,page_owner: Defer enablement of static branch (bsc#1222366).
* mm,page_owner: drop unnecessary check (bsc#1222366).
* mm,page_owner: Fix accounting of pages when migrating (bsc#1222366).
* mm,page_owner: Fix printing of stack records (bsc#1222366).
* mm,page_owner: fix recursion (bsc#1222366).
* mm,page_owner: Fix refcount imbalance (bsc#1222366).
* mm: page_owner: fix wrong information in dump_page_owner (git-fixes).
* mm,page_owner: Update metadata for tail pages (bsc#1222366).
* mm/slab: make __free(kfree) accept error pointers (git-fixes).
* modpost: Add '.ltext' and '.ltext.*' to TEXT_SECTIONS (stable-fixes).
* mptcp: annotate data-races around msk->rmem_fwd_alloc (git-fixes).
* mptcp: fix bogus receive window shrinkage with multiple subflows (git-
fixes).
* mptcp: move __mptcp_error_report in protocol.c (git-fixes).
* mptcp: process pending subflow error on close (git-fixes).
* mptcp: Remove unnecessary test for __mptcp_init_sock() (git-fixes).
* mtd: core: Report error if first mtd_otp_size() call fails in
mtd_otp_nvmem_add() (git-fixes).
* mtd: diskonchip: work around ubsan link failure (stable-fixes).
* mtd: rawnand: hynix: fixed typo (git-fixes).
* mtd: spinand: Add support for 5-byte IDs (stable-fixes).
* net: add netdev_lockdep_set_classes() to virtual drivers (git-fixes).
* net: annotate data-races around sk->sk_bind_phc (git-fixes).
* net: annotate data-races around sk->sk_forward_alloc (git-fixes).
* net: annotate data-races around sk->sk_lingertime (git-fixes).
* net: annotate data-races around sk->sk_tsflags (git-fixes).
* net: bonding: remove kernel-doc comment marker (git-fixes).
* net: cfg802154: fix kernel-doc notation warnings (git-fixes).
* net: dsa: microchip: fix register write order in ksz8_ind_write8() (git-
fixes).
* net: dsa: mt7530: fix handling of all link-local frames (git-fixes).
* net: dsa: mt7530: fix link-local frames that ingress vlan filtering ports
(git-fixes).
* net: dsa: mt7530: prevent possible incorrect XTAL frequency selection (git-
fixes).
* net: dsa: mt7530: trap link-local frames regardless of ST Port State (git-
fixes).
* net: dsa: sja1105: Fix parameters order in sja1110_pcs_mdio_write_c45()
(git-fixes).
* net: ena: Fix incorrect descriptor free behavior (git-fixes).
* net: ena: Fix potential sign extension issue (git-fixes).
* net: ena: Move XDP code to its new files (git-fixes).
* net: ena: Pass ena_adapter instead of net_device to ena_xmit_common() (git-
fixes).
* net: ena: Remove ena_select_queue (git-fixes).
* net: ena: Set tx_info->xdpf value to NULL (git-fixes).
* net: ena: Use tx_ring instead of xdp_ring for XDP channel TX (git-fixes).
* net: ena: Wrong missing IO completions check order (git-fixes).
* net: ethernet: mtk_eth_soc: fix PPE hanging issue (git-fixes).
* net: ethernet: ti: cpsw: enable mac_managed_pm to fix mdio (git-fixes).
* net: fec: Set mac_managed_pm during probe (git-fixes).
* netfilter: nf_tables: disable toggling dormant table state more than once
(git-fixes).
* netfilter: nf_tables: uapi: Describe NFTA_RULE_CHAIN_ID (git-fixes).
* netfilter: nft_ct: fix l3num expectations with inet pseudo family (git-
fixes).
* netfilter: nft_set_rbtree: use read spinlock to avoid datapath contention
(git-fixes).
* net: hns3: fix index limit to support all queue stats (git-fixes).
* net: hns3: fix kernel crash when 1588 is received on HIP08 devices (git-
fixes).
* net: hns3: fix kernel crash when devlink reload during pf initialization
(git-fixes).
* net: hns3: fix port duplex configure error in IMP reset (git-fixes).
* net: hns3: fix wrong judgment condition issue (git-fixes).
* net: hns3: mark unexcuted loopback test result as UNEXECUTED (git-fixes).
* net: hns3: tracing: fix hclgevf trace event strings (git-fixes).
* net: ice: Fix potential NULL pointer dereference in ice_bridge_setlink()
(git-fixes).
* net: ks8851: Handle softirqs at the end of IRQ thread to fix hang (git-
fixes).
* net: ks8851: Inline ks8851_rx_skb() (git-fixes).
* net: ks8851: Queue RX packets in IRQ handler instead of disabling BHs (git-
fixes).
* net: lan743x: Add set RFE read fifo threshold for PCI1x1x chips (git-fixes).
* net: libwx: fix memory leak on free page (git-fixes).
* net: llc: fix kernel-doc notation warnings (git-fixes).
* net: ll_temac: platform_get_resource replaced by wrong function (git-fixes).
* net: mana: Fix Rx DMA datasize and skb_over_panic (git-fixes).
* net: mediatek: mtk_eth_soc: clear MAC_MCR_FORCE_LINK only when MAC is up
(git-fixes).
* net/mlx5: Correctly compare pkt reformat ids (git-fixes).
* net/mlx5e: Change the warning when ignore_flow_level is not supported (git-
fixes).
* net/mlx5e: Do not produce metadata freelist entries in Tx port ts WQE xmit
(git-fixes).
* net/mlx5e: Fix MACsec state loss upon state update in offload path (git-
fixes).
* net/mlx5e: Fix mlx5e_priv_init() cleanup flow (git-fixes).
* net/mlx5e: HTB, Fix inconsistencies with QoS SQs number (git-fixes).
* net/mlx5e: RSS, Block changing channels number when RXFH is configured (git-
fixes).
* net/mlx5e: RSS, Block XOR hash with over 128 channels (git-fixes).
* net/mlx5: E-switch, Change flow rule destination checking (git-fixes).
* net/mlx5: E-switch, store eswitch pointer before registering devlink_param
(git-fixes).
* net/mlx5e: Switch to using _bh variant of of spinlock API in port
timestamping NAPI poll context (git-fixes).
* net/mlx5e: Use a memory barrier to enforce PTP WQ xmit submission tracking
occurs after populating the metadata_map (git-fixes).
* net/mlx5: Fix fw reporter diagnose output (git-fixes).
* net/mlx5: Fix peer devlink set for SF representor devlink port (git-fixes).
* net/mlx5: Lag, restore buckets number to default after hash LAG deactivation
(git-fixes).
* net/mlx5: offset comp irq index in name by one (git-fixes).
* net/mlx5: Properly link new fs rules into the tree (git-fixes).
* net/mlx5: Register devlink first under devlink lock (git-fixes).
* net/mlx5: Restore mistakenly dropped parts in register devlink flow (git-
fixes).
* net/mlx5: SF, Stop waiting for FW as teardown was called (git-fixes).
* net: nfc: remove inappropriate attrs check (stable-fixes).
* net: NSH: fix kernel-doc notation warning (git-fixes).
* net: pcs: xpcs: Return EINVAL in the internal methods (git-fixes).
* net: phy: fix phy_read_poll_timeout argument type in genphy_loopback (git-
fixes).
* net: phy: micrel: Fix potential null pointer dereference (git-fixes).
* net: phy: micrel: lan8814: Fix when enabling/disabling 1-step timestamping
(git-fixes).
* net: phy: micrel: set soft_reset callback to genphy_soft_reset for KSZ8061
(git-fixes).
* net: phy: phy_device: Prevent nullptr exceptions on ISR (git-fixes).
* net: phy: phy_device: Prevent nullptr exceptions on ISR (stable-fixes).
* net: ravb: Always process TX descriptor ring (git-fixes).
* net: ravb: Let IP-specific receive function to interrogate descriptors (git-
fixes).
* net/smc: bugfix for smcr v2 server connect success statistic (git-fixes).
* net/smc: fix documentation of buffer sizes (git-fixes).
* net/smc: use smc_lgr_list.lock to protect smc_lgr_list.list iterate in
smcr_port_add (git-fixes).
* net: smsc95xx: add support for SYS TEC USB-SPEmodule1 (git-fixes).
* net: sparx5: Fix use after free inside sparx5_del_mact_entry (git-fixes).
* net: sparx5: fix wrong config being used when reconfiguring PCS (git-fixes).
* net: sparx5: flower: fix fragment flags handling (git-fixes).
* net: stmmac: dwmac-starfive: Add support for JH7100 SoC (git-fixes).
* net: stmmac: Fix incorrect dereference in interrupt handlers (git-fixes).
* net: stmmac: fix rx queue priority assignment (git-fixes).
* net: sunrpc: Fix an off by one in rpc_sockaddr2uaddr() (git-fixes).
* net: tcp: fix unexcepted socket die when snd_wnd is 0 (git-fixes).
* net: tls: fix returned read length with async decrypt (bsc#1221858).
* net: tls: fix use-after-free with partial reads and async (bsc#1221858).
* net: tls, fix WARNIING in __sk_msg_free (bsc#1221858).
* net: usb: ax88179_178a: avoid the interface always configured as random
address (git-fixes).
* net: usb: ax88179_178a: avoid writing the mac address before first reading
(git-fixes).
* net: usb: ax88179_178a: fix link status when link is set to down/up (git-
fixes).
* net: usb: ax88179_178a: stop lying about skb->truesize (git-fixes).
* net:usb:qmi_wwan: support Rolling modules (stable-fixes).
* net: usb: smsc95xx: stop lying about skb->truesize (git-fixes).
* net: usb: sr9700: stop lying about skb->truesize (git-fixes).
* net: Use sockaddr_storage for getsockopt(SO_PEERNAME) (git-fixes).
* net: veth: do not manipulate GRO when using XDP (git-fixes).
* net: wwan: t7xx: Split 64bit accesses to fix alignment issues (git-fixes).
* net/x25: fix incorrect parameter validation in the x25_getsockopt() function
(git-fixes).
* nfc: nci: Fix handling of zero-length payload packets in nci_rx_work() (git-
fixes).
* nfc: nci: Fix kcov check in nci_rx_work() (git-fixes).
* nfc: nci: Fix uninit-value in nci_dev_up and nci_ntf_packet (git-fixes).
* nfc: nci: Fix uninit-value in nci_rx_work (git-fixes).
* nf_conntrack: fix -Wunused-const-variable= (git-fixes).
* NFC: trf7970a: disable all regulators on removal (git-fixes).
* nfp: flower: handle acti_netdevs allocation failure (git-fixes).
* NFSD: change LISTXATTRS cookie encoding to big-endian (git-fixes).
* NFSD: Convert the callback workqueue to use delayed_work (git-fixes).
* nfsd: do not call locks_release_private() twice concurrently (git-fixes).
* nfsd: Fix a regression in nfsd_setattr() (git-fixes).
* NFSD: fix LISTXATTRS returning a short list with eof=TRUE (git-fixes).
* NFSD: fix LISTXATTRS returning more bytes than maxcount (git-fixes).
* NFSD: fix nfsd4_listxattr_validate_cookie (git-fixes).
* NFSD: Fix nfsd_clid_class use of __string_len() macro (git-fixes).
* NFSD: Reschedule CB operations when backchannel rpc_clnt is shut down (git-
fixes).
* NFSD: Reset cb_seq_status after NFS4ERR_DELAY (git-fixes).
* NFSD: Retransmit callbacks after client reconnects (git-fixes).
* nfsd: use __fput_sync() to avoid delayed closing of files (bsc#1223380
bsc#1217408).
* NFS: Fix an off by one in root_nfs_cat() (git-fixes).
* NFS: Fix nfs_netfs_issue_read() xarray locking for writeback interrupt (git-
fixes).
* nfs: fix panic when nfs4_ff_layout_prepare_ds() fails (git-fixes).
* NFS: Read unlock folio on nfs_page_create_from_folio() error (git-fixes).
* NFSv4.1/pnfs: fix NFS with TLS in pnfs (git-fixes).
* NFSv4.2: fix listxattr maximum XDR buffer size (git-fixes).
* NFSv4.2: fix nfs4_listxattr kernel BUG at mm/usercopy.c:102 (git-fixes).
* nilfs2: fix OOB in nilfs_set_de_type (git-fixes).
* nilfs2: fix out-of-range warning (git-fixes).
* nilfs2: fix potential bug in end_buffer_async_write (git-fixes).
* nilfs2: fix unexpected freezing of nilfs_segctor_sync() (git-fixes).
* nilfs2: fix use-after-free of timer for log writer thread (git-fixes).
* nilfs2: make superblock data array index computation sparse friendly (git-
fixes).
* nouveau/dmem: handle kcalloc() allocation failure (git-fixes).
* nouveau: fix devinit paths to only handle display on GSP (git-fixes).
* nouveau: fix function cast warning (git-fixes).
* nouveau: fix instmem race condition around ptr stores (git-fixes).
* nouveau/gsp: do not check devinit disable on GSP (git-fixes).
* nouveau: lock the client object tree (stable-fixes).
* nouveau: reset the bo resource bus info after an eviction (git-fixes).
* nouveau/uvmm: fix addr/range calcs for remap operations (git-fixes).
* nvdimm: make nvdimm_bus_type const (jsc#PED-5853).
* nvdimm/pmem: fix leak on dax_add_host() failure (jsc#PED-5853).
* nvdimm/pmem: Treat alloc_dax() -EOPNOTSUPP failure as non-fatal
(jsc#PED-5853).
* nvme-fc: do not wait in vain when unloading module (git-fixes).
* nvme: fix multipath batched completion accounting (git-fixes).
* nvme: fix reconnection fail due to reserved tag allocation (git-fixes).
* nvme: fix warn output about shared namespaces without CONFIG_NVME_MULTIPATH
(git-fixes).
* nvme-multipath: fix io accounting on failover (git-fixes).
* nvme-pci: Add quirk for broken MSIs (git-fixes).
* nvme-tcp: strict pdu pacing to avoid send stalls on TLS (bsc#1221858).
* nvmet-fc: abort command when there is no binding (git-fixes).
* nvmet-fc: avoid deadlock on delete association path (git-fixes).
* nvmet-fc: defer cleanup using RCU properly (git-fixes).
* nvmet-fc: hold reference on hostport match (git-fixes).
* nvmet-fcloop: swap the list_add_tail arguments (git-fixes).
* nvmet-fc: release reference on target port (git-fixes).
* nvmet-fc: take ref count on tgtport before delete assoc (git-fixes).
* nvmet: fix ns enable/disable possible hang (git-fixes).
* nvmet-tcp: fix nvme tcp ida memory leak (git-fixes).
* octeontx2-af: Add array index check (git-fixes).
* octeontx2-af: Fix devlink params (git-fixes).
* octeontx2-af: Fix issue with loading coalesced KPU profiles (git-fixes).
* octeontx2-af: Fix NIX SQ mode and BP config (git-fixes).
* Octeontx2-af: fix pause frame configuration in GMP mode (git-fixes).
* octeontx2-af: Use matching wake_up API variant in CGX command interface
(git-fixes).
* octeontx2-af: Use separate handlers for interrupts (git-fixes).
* octeontx2: Detect the mbox up or down message via register (git-fixes).
* octeontx2-pf: check negative error code in otx2_open() (git-fixes).
* octeontx2-pf: fix FLOW_DIS_IS_FRAGMENT implementation (git-fixes).
* octeontx2-pf: Fix transmit scheduler resource leak (git-fixes).
* octeontx2-pf: Send UP messages to VF only when VF is up (git-fixes).
* octeontx2-pf: Use default max_active works instead of one (git-fixes).
* octeontx2-pf: Wait till detach_resources msg is complete (git-fixes).
* of: dynamic: Synchronize of_changeset_destroy() with the devlink removals
(git-fixes).
* of: module: add buffer overflow check in of_modalias() (git-fixes).
* of: module: prevent NULL pointer dereference in vsnprintf() (stable-fixes).
* of: property: Add in-ports/out-ports support to of_graph_get_port_parent()
(stable-fixes).
* of: property: fix typo in io-channels (git-fixes).
* of: property: fw_devlink: Fix stupid bug in remote-endpoint parsing (git-
fixes).
* of: property: Improve finding the consumer of a remote-endpoint property
(git-fixes).
* of: property: Improve finding the supplier of a remote-endpoint property
(git-fixes).
* of: unittest: Fix compile in the non-dynamic case (git-fixes).
* overflow: Allow non-type arg to type_max() and type_min() (stable-fixes).
* PCI/AER: Block runtime suspend when handling errors (stable-fixes).
* PCI/ASPM: Use RMW accessors for changing LNKCTL (git-fixes).
* PCI: Delay after FLR of Solidigm P44 Pro NVMe (stable-fixes).
* PCI: Disable D3cold on Asus B1400 PCI-NVMe bridge (stable-fixes).
* PCI/DPC: Quirk PIO log size for Intel Raptor Lake Root Ports (stable-fixes).
* PCI/DPC: Use FIELD_GET() (stable-fixes).
* PCI: dwc: ep: Fix DBI access failure for drivers requiring refclk from host
(git-fixes).
* PCI/EDR: Align EDR_PORT_DPC_ENABLE_DSM with PCI Firmware r3.3 (git-fixes).
* PCI/EDR: Align EDR_PORT_LOCATE_DSM with PCI Firmware r3.3 (git-fixes).
* PCI: Execute quirk_enable_clear_retrain_link() earlier (stable-fixes).
* PCI: Fix typos in docs and comments (stable-fixes).
* PCI: hv: Fix ring buffer size calculation (git-fixes).
* PCI: Make link retraining use RMW accessors for changing LNKCTL (git-fixes).
* PCI/PM: Drain runtime-idle callbacks before driver removal (stable-fixes).
* PCI: qcom: Add support for sa8775p SoC (git-fixes).
* PCI: qcom: Disable ASPM L0s for sc8280xp, sa8540p and sa8295p (git-fixes).
* PCI: rockchip-ep: Remove wrong mask on subsys_vendor_id (git-fixes).
* PCI: rpaphp: Error out on busy status from get-sensor-state (bsc#1223369
ltc#205888).
* PCI: Simplify pcie_capability_clear_and_set_word() to ..._clear_word()
(stable-fixes).
* PCI: switchtec: Add support for PCIe Gen5 devices (stable-fixes).
* PCI: switchtec: Use normal comment style (stable-fixes).
* PCI: tegra194: Fix probe path for Endpoint mode (git-fixes).
* peci: linux/peci.h: fix Excess kernel-doc description warning (git-fixes).
* perf annotate: Fix annotation_calc_lines() to pass correct address to
get_srcline() (git-fixes).
* perf annotate: Get rid of duplicate --group option item (git-fixes).
* perf auxtrace: Fix multiple use of --itrace option (git-fixes).
* perf bench internals inject-build-id: Fix trap divide when collecting just
one DSO (git-fixes).
* perf bench uprobe: Remove lib64 from libc.so.6 binary path (git-fixes).
* perf bpf: Clean up the generated/copied vmlinux.h (git-fixes).
* perf daemon: Fix file leak in daemon_session__control (git-fixes).
* perf docs: Document bpf event modifier (git-fixes).
* perf evsel: Fix duplicate initialization of data->id in
evsel__parse_sample() (git-fixes).
* perf expr: Fix "has_event" function for metric style events (git-fixes).
* perf intel-pt: Fix unassigned instruction op (discovered by MemorySanitizer)
(git-fixes).
* perf jevents: Drop or simplify small integer values (git-fixes).
* perf list: fix short description for some cache events (git-fixes).
* perf lock contention: Add a missing NULL check (git-fixes).
* perf metric: Do not remove scale from counts (git-fixes).
* perf pmu: Count sys and cpuid JSON events separately (git fixes).
* perf pmu: Fix a potential memory leak in perf_pmu__lookup() (git-fixes).
* perf pmu: Treat the msr pmu as software (git-fixes).
* perf print-events: make is_event_supported() more robust (git-fixes).
* perf probe: Add missing libgen.h header needed for using basename() (git-
fixes).
* perf record: Check conflict between '\--timestamp-filename' option and pipe
mode before recording (git-fixes).
* perf record: Fix debug message placement for test consumption (git-fixes).
* perf record: Fix possible incorrect free in record__switch_output() (git-
fixes).
* perf report: Avoid SEGV in report__setup_sample_type() (git-fixes).
* perf sched timehist: Fix -g/--call-graph option failure (git-fixes).
* perf script: Show also errors for --insn-trace option (git-fixes).
* perf srcline: Add missed addr2line closes (git-fixes).
* perf stat: Avoid metric-only segv (git-fixes).
* perf stat: Do not display metric header for non-leader uncore events (git-
fixes).
* perf stat: Do not fail on metrics on s390 z/VM systems (git-fixes).
* perf symbols: Fix ownership of string in dso__load_vmlinux() (git-fixes).
* perf tests: Apply attributes to all events in object code reading test (git-
fixes).
* perf test shell arm_coresight: Increase buffer size for Coresight basic
tests (git-fixes).
* perf tests: Make data symbol test wait for perf to start (bsc#1220045).
* perf tests: Make "test data symbol" more robust on Neoverse N1 (git-fixes).
* perf tests: Skip data symbol test if buf1 symbol is missing (bsc#1220045).
* perf thread: Fixes to thread__new() related to initializing comm (git-
fixes).
* perf thread_map: Free strlist on normal path in thread_map__new_by_tid_str()
(git-fixes).
* perf top: Uniform the event name for the hybrid machine (git-fixes).
* perf top: Use evsel's cpus to replace user_requested_cpus (git-fixes).
* perf ui browser: Avoid SEGV on title (git fixes).
* perf ui browser: Do not save pointer to stack memory (git-fixes).
* perf vendor events amd: Add Zen 4 memory controller events (git-fixes).
* perf vendor events amd: Fix Zen 4 cache latency events (git-fixes).
* perf/x86/amd/core: Avoid register reset when CPU is dead (git-fixes).
* perf/x86/amd/lbr: Discard erroneous branch entries (git-fixes).
* perf/x86/amd/lbr: Use freeze based on availability (git-fixes).
* perf/x86: Fix out of range data (git-fixes).
* perf/x86/intel/ds: Do not clear ->pebs_data_cfg for the last PEBS event
(git-fixes).
* perf/x86/intel: Expose existence of callback support to KVM (git-fixes).
* phy: freescale: imx8m-pcie: fix pcie link-up instability (git-fixes).
* phy: marvell: a3700-comphy: Fix hardcoded array size (git-fixes).
* phy: marvell: a3700-comphy: Fix out of bounds read (git-fixes).
* phy: rockchip: naneng-combphy: Fix mux on rk3588 (git-fixes).
* phy: rockchip-snps-pcie3: fix bifurcation on rk3588 (git-fixes).
* phy: rockchip-snps-pcie3: fix clearing PHP_GRF_PCIESEL_CON bits (git-fixes).
* phy: ti: tusb1210: Resolve charger-det crash if charger psy is unregistered
(git-fixes).
* pinctrl: armada-37xx: remove an unused variable (git-fixes).
* pinctrl: baytrail: Fix selecting gpio pinctrl state (git-fixes).
* pinctrl: core: delete incorrect free in pinctrl_enable() (git-fixes).
* pinctrl: devicetree: fix refcount leak in pinctrl_dt_to_map() (git-fixes).
* pinctrl: mediatek: paris: Fix PIN_CONFIG_INPUT_SCHMITT_ENABLE readback (git-
fixes).
* pinctrl: mediatek: paris: Rework support for
PIN_CONFIG_{INPUT,OUTPUT}_ENABLE (git-fixes).
* pinctrl/meson: fix typo in PDM's pin name (git-fixes).
* pinctrl: pinctrl-aspeed-g6: Fix register offset for pinconf of GPIOR-T (git-
fixes).
* pinctrl: qcom: pinctrl-sm7150: Fix sdc1 and ufs special pins regs (git-
fixes).
* pinctrl: renesas: checker: Limit cfg reg enum checks to provided IDs
(stable-fixes).
* platform/chrome: cros_ec_uart: properly fix race condition (git-fixes).
* platform/x86/amd/pmc: Extend Framework 13 quirk to more BIOSes (stable-
fixes).
* platform/x86/intel-uncore-freq: Do not present root domain on error (git-
fixes).
* platform/x86: intel-vbtn: Update tablet mode switch at end of probe (git-
fixes).
* platform/x86: ISST: Add Granite Rapids-D to HPM CPU list (stable-fixes).
* platform/x86: touchscreen_dmi: Add an extra entry for a variant of the Chuwi
Vi8 tablet (stable-fixes).
* platform/x86: x86-android-tablets: Fix acer_b1_750_goodix_gpios name
(stable-fixes).
* platform/x86: xiaomi-wmi: Fix race condition when reporting key events (git-
fixes).
* PM / devfreq: Synchronize devfreq_monitor_[start/stop] (stable-fixes).
* PM: s2idle: Make sure CPUs will wakeup directly on resume (git-fixes).
* Port "certs: Add ECDSA signature verification self-test".
* Port "certs: Move RSA self-test data to separate file".
* powerpc: Avoid nmi_enter/nmi_exit in real mode interrupt (bsc#1221645
ltc#205739 bsc#1223191).
* powerpc/crypto/chacha-p10: Fix failure on non Power10 (bsc#1218205).
* powerpc/eeh: Permanently disable the removed device (bsc#1223991
ltc#205740).
* powerpc/hv-gpci: Fix the H_GET_PERF_COUNTER_INFO hcall return value checks
(git-fixes).
* powerpc/pseries/lparcfg: drop error message from guest name lookup
(bsc#1187716 ltc#193451 git-fixes).
* powerpc/pseries: make max polling consistent for longer H_CALLs
(bsc#1215199).
* powerpc/pseries/vio: Do not return ENODEV if node or compatible missing
(bsc#1220783).
* powerpc/uaccess: Fix build errors seen with GCC 13/14 (bsc#1194869).
* powerpc/uaccess: Use YZ asm constraint for ld (bsc#1194869).
* power: rt9455: hide unused rt9455_boost_voltage_values (git-fixes).
* power: supply: mt6360_charger: Fix of_match for usb-otg-vbus regulator (git-
fixes).
* ppdev: Add an error check in register_device (git-fixes).
* prctl: generalize PR_SET_MDWE support check to be per-arch (bsc#1225610).
* printk: Add this_cpu_in_panic() (bsc#1225607).
* printk: Adjust mapping for 32bit seq macros (bsc#1225607).
* printk: Avoid non-panic CPUs writing to ringbuffer (bsc#1225607).
* printk: Consolidate console deferred printing (bsc#1225607).
* printk: Disable passing console lock owner completely during panic()
(bsc#1225607).
* printk: Do not take console lock for console_flush_on_panic() (bsc#1225607).
* printk: For @suppress_panic_printk check for other CPU in panic
(bsc#1225607).
* printk: Keep non-panic-CPUs out of console lock (bsc#1225607).
* printk: Let no_printk() use _printk() (bsc#1225618).
* printk: nbcon: Relocate 32bit seq macros (bsc#1225607).
* printk: Reduce console_unblank() usage in unsafe scenarios (bsc#1225607).
* printk: Rename abandon_console_lock_in_panic() to other_cpu_in_panic()
(bsc#1225607).
* printk: ringbuffer: Clarify special lpos values (bsc#1225607).
* printk: ringbuffer: Cleanup reader terminology (bsc#1225607).
* printk: ringbuffer: Do not skip non-finalized records with prb_next_seq()
(bsc#1225607).
* printk: ringbuffer: Skip non-finalized records in panic (bsc#1225607).
* printk: Update @console_may_schedule in console_trylock_spinning()
(bsc#1225616).
* printk: Use prb_first_seq() as base for 32bit seq macros (bsc#1225607).
* printk: Wait for all reserved records with pr_flush() (bsc#1225607).
* proc/kcore: do not try to access unaccepted memory (git-fixes).
* pstore: inode: Convert mutex usage to guard(mutex) (stable-fixes).
* pstore: inode: Only d_invalidate() is needed (git-fixes).
* pstore/zone: Add a null pointer check to the psz_kmsg_read (stable-fixes).
* pwm: img: fix pwm clock lookup (git-fixes).
* qibfs: fix dentry leak (git-fixes)
* r8169: fix issue caused by buggy BIOS on certain boards with RTL8168d (git-
fixes).
* r8169: skip DASH fw status checks when DASH is disabled (git-fixes).
* random: handle creditable entropy from atomic process context (git-fixes).
* RAS/AMD/FMPM: Avoid NULL ptr deref in get_saved_records() (jsc#PED-7619).
* RAS/AMD/FMPM: Fix build when debugfs is not enabled (jsc#PED-7619).
* RAS/AMD/FMPM: Safely handle saved records of various sizes (jsc#PED-7619).
* RDMA/cm: add timeout to cm_destroy_id wait (git-fixes)
* RDMA/cma: Fix kmemleak in rdma_core observed during blktests nvme/rdma use
siw (git-fixes)
* RDMA/cm: Print the old state when cm_destroy_id gets timeout (git-fixes)
* RDMA/hns: Add max_ah and cq moderation capacities in query_device() (git-
fixes)
* RDMA/hns: Fix deadlock on SRQ async events. (git-fixes)
* RDMA/hns: Fix GMV table pagesize (git-fixes)
* RDMA/hns: Fix return value in hns_roce_map_mr_sg (git-fixes)
* RDMA/hns: Fix UAF for cq async event (git-fixes)
* RDMA/hns: Modify the print level of CQE error (git-fixes)
* RDMA/hns: Use complete parentheses in macros (git-fixes)
* RDMA/IPoIB: Fix format truncation compilation errors (git-fixes)
* RDMA/mana_ib: Fix bug in creation of dma regions (git-fixes).
* RDMA/mlx5: Adding remote atomic access flag to updatable flags (git-fixes)
* RDMA/mlx5: Change check for cacheable mkeys (git-fixes)
* RDMA/mlx5: Fix port number for counter query in multi-port configuration
(git-fixes)
* RDMA/mlx5: Uncacheable mkey has neither rb_key or cache_ent (git-fixes)
* RDMA/rxe: Allow good work requests to be executed (git-fixes)
* RDMA/rxe: Fix incorrect rxe_put in error path (git-fixes)
* RDMA/rxe: Fix seg fault in rxe_comp_queue_pkt (git-fixes)
* RDMA/rxe: Fix the problem "mutex_destroy missing" (git-fixes)
* README.BRANCH: Remove copy of branch name
* Reapply "drm/qxl: simplify qxl_fence_wait" (stable-fixes).
* regmap: Add regmap_read_bypassed() (git-fixes).
* regmap: kunit: Ensure that changed bytes are actually different (stable-
fixes).
* regmap: maple: Fix cache corruption in regcache_maple_drop() (git-fixes).
* regmap: maple: Fix uninitialized symbol 'ret' warnings (git-fixes).
* regulator: bd71828: Do not overwrite runtime voltages (git-fixes).
* regulator: change devm_regulator_get_enable_optional() stub to return Ok
(git-fixes).
* regulator: change stubbed devm_regulator_get_enable to return Ok (git-
fixes).
* regulator: core: fix debugfs creation regression (git-fixes).
* regulator: mt6360: De-capitalize devicetree regulator subnodes (git-fixes).
* regulator: tps65132: Add of_match table (stable-fixes).
* remoteproc: k3-r5: Do not allow core1 to power up before core0 via sysfs
(git-fixes).
* remoteproc: k3-r5: Jump to error handling labels in start/stop errors (git-
fixes).
* remoteproc: k3-r5: Wait for core0 power-up before powering up core1 (git-
fixes).
* remoteproc: mediatek: Make sure IPI buffer fits in L2TCM (git-fixes).
* remoteproc: stm32: Fix incorrect type assignment returned by
stm32_rproc_get_loaded_rsc_tablef (git-fixes).
* remoteproc: virtio: Fix wdg cannot recovery remote processor (git-fixes).
* Remove NTFSv3 from configs (bsc#1224429) References: bsc#1224429 comment#3
We only support fuse version of the NTFS-3g driver. Disable NTFSv3 from all
configs. This was enabled in d016c04d731 ("Bump to 6.4 kernel
(jsc#PED-4593)")
* Revert "ACPI: PM: Block ASUS B1400CEAE from suspend to idle by default"
(stable-fixes).
* Revert "ASoC: SOF: Intel: hda-dai-ops: only allocate/release streams for
first CPU DAI" (stable-fixes).
* Revert "ASoC: SOF: Intel: hda-dai-ops: reset device count for SoundWire
DAIs" (stable-fixes).
* Revert "cifs: reconnect work should have reference on server struct" (git-
fixes, bsc#1225172).
* Revert "drm/amd/amdgpu: Fix potential ioremap() memory leaks in
amdgpu_device_init()" (stable-fixes).
* Revert "drm/amd/display: Fix sending VSC (+ colorimetry) packets for DP/eDP
displays without PSR" (stable-fixes).
* Revert "drm/amdkfd: fix gfx_target_version for certain 11.0.3 devices"
(stable-fixes).
* Revert "drm/bridge: ti-sn65dsi83: Fix enable error path" (git-fixes).
* Revert "drm/nouveau/firmware: Fix SG_DEBUG error with nvkm_firmware_ctor()"
(stable-fixes).
* Revert "drm/qxl: simplify qxl_fence_wait" (git-fixes).
* Revert "iommu/amd: Enable PCI/IMS" (git-fixes).
* Revert "iommu/vt-d: Enable PCI/IMS" (git-fixes).
* Revert "net/mlx5: Block entering switchdev mode with ns inconsistency" (git-
fixes).
* Revert "net/mlx5e: Check the number of elements before walk TC rhashtable"
(git-fixes).
* Revert "PCI/MSI: Provide IMS (Interrupt Message Store) support" (git-fixes).
* Revert "PCI/MSI: Provide pci_ims_alloc/free_irq()" (git-fixes).
* Revert "PCI/MSI: Provide stubs for IMS functions" (git-fixes).
* Revert "selinux: introduce an initial SID for early boot processes"
(bsc#1208593) It caused a regression on ALP-current branch, kernel-obs-qa
build failed.
* Revert "usb: cdc-wdm: close race between read and workqueue" (git-fixes).
* Revert "usb: phy: generic: Get the vbus supply" (git-fixes).
* ring-buffer: Do not set shortest_full when full target is hit (git-fixes).
* ring-buffer: Fix a race between readers and resize checks (git-fixes).
* ring-buffer: Fix full_waiters_pending in poll (git-fixes).
* ring-buffer: Fix resetting of shortest_full (git-fixes).
* ring-buffer: Fix waking up ring buffer readers (git-fixes).
* ring-buffer: Make wake once of ring_buffer_wait() more robust (git-fixes).
* ring-buffer: use READ_ONCE() to read cpu_buffer->commit_page in concurrent
environment (git-fixes).
* ring-buffer: Use wait_event_interruptible() in ring_buffer_wait() (git-
fixes).
* rtc: mt6397: select IRQ_DOMAIN instead of depending on it (git-fixes).
* s390/bpf: Emit a barrier for BPF_FETCH instructions (git-fixes bsc#1224792).
* s390/cio: Ensure the copied buf is NUL terminated (git-fixes bsc#1223869).
* s390/cio: fix tracepoint subchannel type field (git-fixes bsc#1224793).
* s390/cpacf: Split and rework cpacf query functions (git-fixes bsc#1225133).
* s390/ipl: Fix incorrect initialization of len fields in nvme reipl block
(git-fixes bsc#1225136).
* s390/ipl: Fix incorrect initialization of nvme dump block (git-fixes
bsc#1225134).
* s390/ism: Properly fix receive message buffer allocation (git-fixes
bsc#1223590).
* s390/mm: Fix clearing storage keys for huge pages (git-fixes bsc#1223871).
* s390/mm: Fix storage key clearing for guest huge pages (git-fixes
bsc#1223872).
* s390/qeth: Fix kernel panic after setting hsuid (git-fixes bsc#1223874).
* s390/vdso: Add CFI for RA register to asm macro vdso_func (git-fixes
bsc#1223870).
* s390/vdso: drop '-fPIC' from LDFLAGS (git-fixes bsc#1223593).
* s390/vtime: fix average steal time calculation (git-fixes bsc#1221783).
* s390/zcrypt: fix reference counting on zcrypt card objects (git-fixes
bsc#1223592).
* sched/balancing: Rename newidle_balance() => sched_balance_newidle()
(bsc#1222173).
* sched/fair: Check root_domain::overload value before update (bsc#1222173).
* sched/fair: Use helper functions to access root_domain::overload
(bsc#1222173).
* sched/psi: Select KERNFS as needed (git-fixes).
* sched/topology: Optimize topology_span_sane() (bsc#1225053).
* scsi: bfa: Fix function pointer type mismatch for hcb_qe->cbfn (git-fixes).
* scsi: core: Consult supported VPD page list prior to fetching page (git-
fixes).
* scsi: core: Fix unremoved procfs host directory regression (git-fixes).
* scsi: csiostor: Avoid function pointer casts (git-fixes).
* scsi: hisi_sas: Modify the deadline for ata_wait_after_reset() (git-fixes).
* scsi: libsas: Add a helper sas_get_sas_addr_and_dev_type() (git-fixes).
* scsi: libsas: Fix disk not being scanned in after being removed (git-fixes).
* scsi: lpfc: Add support for 32 byte CDBs (bsc#1225842).
* scsi: lpfc: Change default logging level for unsolicited CT MIB commands
(bsc#1225842).
* scsi: lpfc: Change lpfc_hba hba_flag member into a bitmask (bsc#1225842).
Refresh: - patches.suse/lpfc-reintroduce-old-irq-probe-logic.patch
* scsi: lpfc: Clear deferred RSCN processing flag when driver is unloading
(bsc#1225842).
* scsi: lpfc: Copyright updates for 14.4.0.1 patches (bsc#1221777).
* scsi: lpfc: Copyright updates for 14.4.0.2 patches (bsc#1225842).
* scsi: lpfc: Correct size for cmdwqe/rspwqe for memset() (bsc#1221777).
* scsi: lpfc: Correct size for wqe for memset() (bsc#1221777).
* scsi: lpfc: Define lpfc_dmabuf type for ctx_buf ptr (bsc#1221777).
* scsi: lpfc: Define lpfc_nodelist type for ctx_ndlp ptr (bsc#1221777).
* scsi: lpfc: Define types in a union for generic void *context3 ptr
(bsc#1221777).
* scsi: lpfc: Introduce rrq_list_lock to protect active_rrq_list
(bsc#1225842).
* scsi: lpfc: Move NPIV's transport unregistration to after resource clean up
(bsc#1221777).
* scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up()
(bsc#1221777).
* scsi: lpfc: Remove IRQF_ONESHOT flag from threaded IRQ handling (bsc#1221777
bsc#1217959).
* scsi: lpfc: Remove unnecessary log message in queuecommand path
(bsc#1221777).
* scsi: lpfc: Replace hbalock with ndlp lock in lpfc_nvme_unregister_port()
(bsc#1221777).
* scsi: lpfc: Update logging of protection type for T10 DIF I/O (bsc#1225842).
* scsi: lpfc: Update lpfc_ramp_down_queue_handler() logic (bsc#1221777).
* scsi: lpfc: Update lpfc version to 14.4.0.1 (bsc#1221777).
* scsi: lpfc: Update lpfc version to 14.4.0.2 (bsc#1225842).
* scsi: lpfc: Use a dedicated lock for ras_fwlog state (bsc#1221777).
* scsi: mpt3sas: Prevent sending diag_reset when the controller is ready (git-
fixes).
* scsi: mylex: Fix sysfs buffer lengths (git-fixes).
* scsi: qla2xxx: Change debug message during driver unload (bsc1221816).
* scsi: qla2xxx: Delay I/O Abort on PCI error (bsc1221816).
* scsi: qla2xxx: Fix command flush on cable pull (bsc1221816).
* scsi: qla2xxx: Fix double free of fcport (bsc1221816).
* scsi: qla2xxx: Fix double free of the ha->vp_map pointer (bsc1221816).
* scsi: qla2xxx: Fix N2N stuck connection (bsc1221816).
* scsi: qla2xxx: Fix off by one in qla_edif_app_getstats() (git-fixes).
* scsi: qla2xxx: NVME|FCP prefer flag not being honored (bsc1221816).
* scsi: qla2xxx: Prevent command send on chip reset (bsc1221816).
* scsi: qla2xxx: Split FCE|EFT trace control (bsc1221816).
* scsi: qla2xxx: Update manufacturer detail (bsc1221816).
* scsi: qla2xxx: Update version to 10.02.09.200-k (bsc1221816).
* scsi: sd: Unregister device if device_add_disk() failed in sd_probe() (git-
fixes).
* scsi: sg: Avoid race in error handling & drop bogus warn (git-fixes).
* scsi: sg: Avoid sg device teardown race (git-fixes).
* scsi: smartpqi: Fix disable_managed_interrupts (git-fixes).
* sctp: annotate data-races around sk->sk_wmem_queued (git-fixes).
* sdhci-of-dwcmshc: disable PM runtime in dwcmshc_remove() (git-fixes).
* selftests/binderfs: use the Makefile's rules, not Make's implicit rules
(git-fixes).
* selftests/bpf: add edge case backtracking logic test (bsc#1225756).
* selftests/bpf: precision tracking test for BPF_NEG and BPF_END
(bsc#1225756).
* selftests: default to host arch for LLVM builds (git-fixes).
* selftests: forwarding: Fix ping failure due to short timeout (git-fixes).
* selftests/ftrace: Fix event filter target_func selection (stable-fixes).
* selftests/ftrace: Limit length in subsystem-enable tests (git-fixes).
* selftests/kcmp: remove unused open mode (git-fixes).
* selftests: kselftest: Fix build failure with NOLIBC (git-fixes).
* selftests: kselftest: Mark functions that unconditionally call exit() as
__noreturn (git-fixes).
* selftests: net: bridge: increase IGMP/MLD exclude timeout membership
interval (git-fixes).
* selftests/net: convert test_bridge_neigh_suppress.sh to run it in unique
namespace (stable-fixes).
* selftests: net: kill smcrouted in the cleanup logic in amt.sh (git-fixes).
* selftests: net: move amt to socat for better compatibility (git-fixes).
* selftests/pidfd: Fix config for pidfd_setns_test (git-fixes).
* selftests/powerpc/dexcr: Add -no-pie to hashchk tests (git-fixes).
* selftests/powerpc/papr-vpd: Fix missing variable initialization
(jsc#PED-4486 git-fixes).
* selftests/resctrl: fix clang build failure: use LOCAL_HDRS (git-fixes).
* selftests: test_bridge_neigh_suppress.sh: Fix failures due to duplicate MAC
(git-fixes).
* selftests: timers: Convert posix_timers test to generate KTAP output
(stable-fixes).
* selftests: timers: Fix abs() warning in posix_timers test (git-fixes).
* selftests: timers: Fix posix_timers ksft_print_msg() warning (git-fixes).
* selftests: timers: Fix valid-adjtimex signed left-shift undefined behavior
(stable-fixes).
* selftests/timers/posix_timers: Reimplement check_timer_distribution() (git-
fixes).
* selftests: vxlan_mdb: Fix failures with old libnet (git-fixes).
* selinux: avoid dereference of garbage after mount failure (git-fixes).
* selinux: introduce an initial SID for early boot processes (bsc#1208593).
* serial: 8250_bcm7271: use default_mux_rate if possible (git-fixes).
* serial: 8250_dw: Revert: Do not reclock if already at correct rate (git-
fixes).
* serial: 8250_exar: Do not remove GPIO device on suspend (git-fixes).
* serial: 8520_mtk: Set RTS on shutdown for Rx in-band wakeup (git-fixes).
* serial: core: Fix atomicity violation in uart_tiocmget (git-fixes).
* serial: core: only stop transmit when HW fifo is empty (git-fixes).
* serial: kgdboc: Fix NMI-safety problems from keyboard reset code (stable-
fixes).
* serial: Lock console when calling into driver before registration (git-
fixes).
* serial: max3100: Fix bitwise types (git-fixes).
* serial: max3100: Lock port->lock when calling uart_handle_cts_change() (git-
fixes).
* serial: max310x: fix NULL pointer dereference in I2C instantiation (git-
fixes).
* serial: max310x: fix syntax error in IRQ error message (git-fixes).
* serial: mxs-auart: add spinlock around changing cts state (git-fixes).
* serial/pmac_zilog: Remove flawed mitigation for rx irq flood (git-fixes).
* serial: sc16is7xx: add proper sched.h include for sched_set_fifo() (git-
fixes).
* serial: sc16is7xx: fix bug in sc16is7xx_set_baud() when using prescaler
(git-fixes).
* serial: sh-sci: protect invalidating RXDMA on shutdown (git-fixes).
* serial: stm32: Reset .throttled state in .startup() (git-fixes).
* series.conf: cleanup Fix subsection header to silence series_insert error.
* SEV: disable SEV-ES DebugSwap by default (git-fixes).
* slimbus: core: Remove usage of the deprecated ida_simple_xx() API (git-
fixes).
* slimbus: qcom-ngd-ctrl: Add timeout for wait operation (git-fixes).
* smb3: show beginning time for per share stats (bsc#1225172).
* smb: client: ensure to try all targets when finding nested links
(bsc#1225172).
* smb: client: fix mount when dns_resolver key is not available (git-fixes,
bsc#1225172).
* smb: client: fix parsing of SMB3.1.1 POSIX create context (git-fixes,
bsc#1225172).
* smb: client: get rid of dfs code dep in namespace.c (bsc#1225172).
* smb: client: get rid of dfs naming in automount code (bsc#1225172).
* smb: client: introduce DFS_CACHE_TGT_LIST() (bsc#1225172).
* smb: client: reduce stack usage in cifs_try_adding_channels() (bsc#1225172).
* smb: client: remove extra @chan_count check in __cifs_put_smb_ses()
(bsc#1225172).
* smb: client: rename cifs_dfs_ref.c to namespace.c (bsc#1225172).
* soc: fsl: qbman: Always disable interrupts when taking cgr_lock (git-fixes).
* soc: fsl: qbman: Use raw spinlock for cgr_lock (git-fixes).
* sock_diag: annotate data-races around sock_diag_handlers[family] (git-
fixes).
* soc: mediatek: cmdq: Fix typo of CMDQ_JUMP_RELATIVE (git-fixes).
* soc: microchip: Fix POLARFIRE_SOC_SYS_CTRL input prompt (stable-fixes).
* soc: qcom: pmic_glink: do not traverse clients list without a lock (git-
fixes).
* soc: qcom: pmic_glink: Make client-lock non-sleeping (git-fixes).
* soc: qcom: pmic_glink: notify clients about the current state (git-fixes).
* soc: qcom: rpmh-rsc: Enhance check for VRM in-flight request (git-fixes).
* soundwire: amd: fix for wake interrupt handling for clockstop mode (git-
fixes).
* speakup: Avoid crash on very long word (git-fixes).
* speakup: Fix 8bit characters from direct synth (git-fixes).
* speakup: Fix sizeof() vs ARRAY_SIZE() bug (git-fixes).
* spi: Do not mark message DMA mapped when no transfer in it is (git-fixes).
* spi: fix null pointer dereference within spi_sync (git-fixes).
* spi: intel-pci: Add support for Lunar Lake-M SPI serial flash (stable-
fixes).
* spi: lm70llp: fix links in doc and comments (git-fixes).
* spi: lpspi: Avoid potential use-after-free in probe() (git-fixes).
* spi: mchp-pci1xxx: Fix a possible null pointer dereference in
pci1xxx_spi_probe (git-fixes).
* spi: microchip-core-qspi: fix setting spi bus clock rate (git-fixes).
* spi: spi-fsl-lpspi: remove redundant spi_controller_put call (git-fixes).
* spi: spi-mt65xx: Fix NULL pointer access in interrupt handler (git-fixes).
* spi: stm32: Do not warn about spurious interrupts (git-fixes).
* spi: xilinx: Fix kernel documentation in the xilinx_spi.h (git-fixes).
* spmi: hisi-spmi-controller: Do not override device identifier (git-fixes).
* staging: vc04_services: changen strncpy() to strscpy_pad() (stable-fixes).
* staging: vc04_services: fix information leak in create_component() (git-
fixes).
* staging: vt6655: Remove unused declaration of
RFbAL7230SelectChannelPostProcess() (git-fixes).
* stmmac: Clear variable when destroying workqueue (git-fixes).
* SUNRPC: fix a memleak in gss_import_v2_context (git-fixes).
* SUNRPC: fix some memleaks in gssx_dec_option_array (git-fixes).
* supported.conf: support tcp_dctcp module (jsc#PED-8111)
* swiotlb: extend buffer pre-padding to alloc_align_mask if necessary
(bsc#1224331)
* swiotlb: Fix alignment checks when both allocation and DMA masks are
(bsc#1224331)
* swiotlb: Fix double-allocation of slots due to broken alignment
(bsc#1224331)
* swiotlb: Honour dma_alloc_coherent() alignment in swiotlb_alloc()
(bsc#1224331)
* swiotlb: use the calculated number of areas (git-fixes).
* Temporarily drop KVM patch that caused a regression (bsc#1226158).
* thermal: devfreq_cooling: Fix perf state when calculate dfc res_util (git-
fixes).
* thermal/drivers/qcom/lmh: Check for SCM availability at probe (git-fixes).
* thermal/drivers/tsens: Fix null pointer dereference (git-fixes).
* thermal/of: Assume polling-delay(-passive) 0 when absent (stable-fixes).
* thunderbolt: Avoid notify PM core about runtime PM resume (stable-fixes).
* thunderbolt: Do not create DisplayPort tunnels on adapters of the same
router (git-fixes).
* thunderbolt: Fix wake configurations after device unplug (stable-fixes).
* thunderbolt: Introduce tb_path_deactivate_hop() (stable-fixes).
* thunderbolt: Introduce tb_port_reset() (stable-fixes).
* thunderbolt: Make tb_switch_reset() support Thunderbolt 2, 3 and USB4
routers (stable-fixes).
* thunderbolt: Reset only non-USB4 host routers in resume (git-fixes).
* tls: break out of main loop when PEEK gets a non-data record (bsc#1221858).
* tls: do not skip over different type records from the rx_list (bsc#1221858).
* tls: fix peeking with sync+async decryption (bsc#1221858).
* tls: stop recv() if initial process_rx_list gave us non-DATA (bsc#1221858).
* tools/arch/x86/intel_sdsi: Fix maximum meter bundle length (git-fixes).
* tools/arch/x86/intel_sdsi: Fix meter_certificate decoding (git-fixes).
* tools/arch/x86/intel_sdsi: Fix meter_show display (git-fixes).
* tools/latency-collector: Fix -Wformat-security compile warns (git-fixes).
* tools/power turbostat: Expand probe_intel_uncore_frequency() (bsc#1221765).
* tools/power/turbostat: Fix uncore frequency file string (bsc#1221765).
* tpm_tis_spi: Account for SPI header when allocating TPM SPI xfer buffer
(git-fixes).
* tracing: Add MODULE_DESCRIPTION() to preemptirq_delay_test (git-fixes).
* tracing: Have saved_cmdlines arrays all in one allocation (git-fixes).
* tracing: hide unused ftrace_event_id_fops (git-fixes).
* tracing/net_sched: Fix tracepoints that save qdisc_dev() as a string (git-
fixes).
* tracing: Remove precision vsnprintf() check from print event (git-fixes).
* tracing/ring-buffer: Fix wait_on_pipe() race (git-fixes).
* tracing: Use .flush() call to wake up readers (git-fixes).
* tty: n_gsm: fix missing receive state reset after mode switch (git-fixes).
* tty: n_gsm: fix possible out-of-bounds in gsm0_receive() (git-fixes).
* tty: serial: samsung: fix tx_empty() to return TIOCSER_TEMT (git-fixes).
* tty: vt: fix 20 vs 0x20 typo in EScsiignore (git-fixes).
* ubifs: dbg_check_idx_size: Fix kmemleak if loading znode failed (git-fixes).
* ubifs: fix sort function prototype (git-fixes).
* ubifs: Queue up space reservation tasks if retrying many times (git-fixes).
* ubifs: Remove unreachable code in dbg_check_ltab_lnum (git-fixes).
* ubifs: Set page uptodate in the correct place (git-fixes).
* Update config files. Disable N_GSM (jsc#PED-8240).
* Update patches.suse/nvme-ensure-disabling-pairs-with-unquiesce.patch
(jsc#PED-6252 jsc#PED-5728 jsc#PED-5062 jsc#PED-3535 bsc#1224534).
* usb: aqc111: stop lying about skb->truesize (git-fixes).
* usb: audio-v2: Correct comments for struct uac_clock_selector_descriptor
(git-fixes).
* usb: cdc-wdm: close race between read and workqueue (git-fixes).
* USB: core: Add hub_get() and hub_put() routines (stable-fixes).
* USB: core: Fix access violation during port device removal (git-fixes).
* USB: core: Fix deadlock in port "disable" sysfs attribute (stable-fixes).
* USB: core: Fix deadlock in usb_deauthorize_interface() (git-fixes).
* usb: Disable USB3 LPM at shutdown (stable-fixes).
* usb: dwc2: gadget: Fix exiting from clock gating (git-fixes).
* usb: dwc2: gadget: LPM flow fix (git-fixes).
* usb: dwc2: host: Fix dereference issue in DDMA completion flow (git-fixes).
* usb: dwc2: host: Fix hibernation flow (git-fixes).
* usb: dwc2: host: Fix ISOC flow in DDMA mode (git-fixes).
* usb: dwc2: host: Fix remote wakeup from hibernation (git-fixes).
* usb: dwc3-am62: Disable wakeup at remove (git-fixes).
* usb: dwc3-am62: fix module unload/reload behavior (git-fixes).
* usb: dwc3-am62: Rename private data (git-fixes).
* usb: dwc3: core: Prevent phy suspend during init (Git-fixes).
* usb: dwc3: pci: Drop duplicate ID (git-fixes).
* usb: dwc3: Properly set system wakeup (git-fixes).
* usb: dwc3: Wait unconditionally after issuing EndXfer command (git-fixes).
* usb: Fix regression caused by invalid ep0 maxpacket in virtual SuperSpeed
device (bsc#1220569).
* usb: fotg210: Add missing kernel doc description (git-fixes).
* usb: gadget: composite: fix OS descriptors w_value logic (git-fixes).
* usb: gadget: f_fs: Fix a race condition when processing setup packets (git-
fixes).
* usb: gadget: f_fs: Fix race between aio_cancel() and AIO request complete
(git-fixes).
* usb: gadget: f_ncm: Fix UAF ncm object at re-bind after usb ep transport
error (stable-fixes).
* usb: gadget: net2272: Use irqflags in the call to net2272_probe_fin (git-
fixes).
* usb: gadget: u_audio: Clear uac pointer when freed (git-fixes).
* usb: gadget: u_audio: Fix race condition use of controls after free during
gadget unbind (git-fixes).
* usb: gadget: uvc: mark incomplete frames with UVC_STREAM_ERR (stable-fixes).
* usb: gadget: uvc: use correct buffer size when parsing configfs lists (git-
fixes).
* usb: ohci: Prevent missed ohci interrupts (git-fixes).
* usb: phy: generic: Get the vbus supply (git-fixes).
* USB: serial: add device ID for VeriFone adapter (stable-fixes).
* USB: serial: cp210x: add ID for MGP Instruments PDS100 (stable-fixes).
* USB: serial: cp210x: add pid/vid for TDK NC0110013M and MM0110113M (stable-
fixes).
* USB: serial: ftdi_sio: add support for GMC Z216C Adapter IR-USB (stable-
fixes).
* USB: serial: option: add Fibocom FM135-GL variants (stable-fixes).
* USB: serial: option: add Lonsung U8300/U9300 product (stable-fixes).
* USB: serial: option: add MeiG Smart SLM320 product (stable-fixes).
* USB: serial: option: add Rolling RW101-GL and RW135-GL support (stable-
fixes).
* USB: serial: option: add support for Fibocom FM650/FG650 (stable-fixes).
* USB: serial: option: add Telit FN920C04 rmnet compositions (stable-fixes).
* USB: serial: option: support Quectel EM060K sub-models (stable-fixes).
* usb: sl811-hcd: only defined function checkdone if QUIRK2 is defined
(stable-fixes).
* usb: typec: Return size of buffer if pd_set operation succeeds (git-fixes).
* usb: typec: tcpci: add generic tcpci fallback compatible (stable-fixes).
* usb: typec: tcpm: Check for port partner validity before consuming it (git-
fixes).
* usb: typec: tcpm: clear pd_event queue in PORT_RESET (git-fixes).
* usb: typec: tcpm: Correct port source pdo array in pd_set callback (git-
fixes).
* usb: typec: tcpm: Correct the PDO counting in pd_set (git-fixes).
* usb: typec: tcpm: fix double-free issue in tcpm_port_unregister_pd() (git-
fixes).
* usb: typec: tcpm: unregister existing source caps before re-registration
(git-fixes).
* usb: typec: tipd: fix event checking for tps6598x (git-fixes).
* usb: typec: ucsi: Ack unsupported commands (stable-fixes).
* usb: typec: ucsi_acpi: Refactor and fix DELL quirk (git-fixes).
* usb: typec: ucsi: always register a link to USB PD device (git-fixes).
* usb: typec: ucsi: Check for notifications after init (git-fixes).
* usb: typec: ucsi: Clean up UCSI_CABLE_PROP macros (git-fixes).
* usb: typec: ucsi: Clear EVENT_PENDING under PPM lock (git-fixes).
* usb: typec: ucsi: Clear UCSI_CCI_RESET_COMPLETE before reset (stable-fixes).
* usb: typec: ucsi: displayport: Fix potential deadlock (git-fixes).
* usb: typec: ucsi: Fix connector check on init (git-fixes).
* usb: typec: ucsi: Fix race between typec_switch and role_switch (git-fixes).
* usb: typec: ucsi: Limit read size on v1.2 (stable-fixes).
* usb: typec: ucsi: simplify partner's PD caps registration (git-fixes).
* USB: UAS: return ENODEV when submit urbs fail with device not attached
(stable-fixes).
* usb: udc: remove warning when queue disabled ep (stable-fixes).
* usb: xhci: Add error handling in xhci_map_urb_for_dma (git-fixes).
* usb: xhci: correct return value in case of STS_HCE (git-fixes).
* usb: xhci: Implement xhci_handshake_check_state() helper.
* usb: xhci-plat: Do not include xhci.h (stable-fixes).
* vboxsf: Avoid an spurious warning if load_nls_xxx() fails (git-fixes).
* vboxsf: explicitly deny setlease attempts (stable-fixes).
* vdpa/mlx5: Allow CVQ size changes (git-fixes).
* vdpa_sim: reset must not run (git-fixes).
* veth: try harder when allocating queue memory (git-fixes).
* vhost: Add smp_rmb() in vhost_enable_notify() (git-fixes).
* vhost: Add smp_rmb() in vhost_vq_avail_empty() (git-fixes).
* virtio-blk: Ensure no requests in virtqueues before deleting vqs (git-
fixes).
* virtio_net: Do not send RSS key if it is not supported (git-fixes).
* virtio: treat alloc_dax() -EOPNOTSUPP failure as non-fatal (bsc#1223944).
* VMCI: Fix an error handling path in vmci_guest_probe_device() (git-fixes).
* VMCI: Fix possible memcpy() run-time warning in
vmci_datagram_invoke_guest_handler() (stable-fixes).
* vmci: prevent speculation leaks by sanitizing event in event_deliver() (git-
fixes).
* vsock/virtio: fix packet delivery to tap device (git-fixes).
* watchdog: bd9576: Drop "always-running" property (git-fixes).
* watchdog: cpu5wdt.c: Fix use-after-free bug caused by cpu5wdt_trigger (git-
fixes).
* watchdog: rti_wdt: Set min_hw_heartbeat_ms to accommodate a safety margin
(git-fixes).
* watchdog: sa1100: Fix PTR_ERR_OR_ZERO() vs NULL check in sa1100dog_probe()
(git-fixes).
* wifi: ar5523: enable proper endpoint verification (git-fixes).
* wifi: ath10k: Fix an error code problem in
ath10k_dbg_sta_write_peer_debug_trigger() (git-fixes).
* wifi: ath10k: poll service ready message before failing (git-fixes).
* wifi: ath10k: populate board data for WCN3990 (git-fixes).
* wifi: ath11k: decrease MHI channel buffer length to 8KB (bsc#1207948).
* wifi: ath11k: do not force enable power save on non-running vdevs (git-
fixes).
* wifi: ath12k: fix out-of-bound access of qmi_invoke_handler() (git-fixes).
* wifi: ath9k: fix LNA selection in ath_ant_try_scan() (stable-fixes).
* wifi: brcmfmac: Add DMI nvram filename quirk for ACEPC W5 Pro (stable-
fixes).
* wifi: brcmfmac: add per-vendor feature detection callback (stable-fixes).
* wifi: brcmfmac: cfg80211: Use WSEC to set SAE password (stable-fixes).
* wifi: brcmfmac: Demote vendor-specific attach/detach messages to info (git-
fixes).
* wifi: brcmfmac: pcie: handle randbuf allocation failure (git-fixes).
* wifi: carl9170: add a proper sanity check for endpoints (git-fixes).
* wifi: carl9170: re-fix fortified-memset warning (git-fixes).
* wifi: cfg80211: check A-MSDU format more carefully (stable-fixes).
* wifi: cfg80211: fix rdev_dump_mpp() arguments order (stable-fixes).
* wifi: ieee80211: fix ieee80211_mle_basic_sta_prof_size_ok() (git-fixes).
* wifi: iwlwifi: fw: do not always use FW dump trig (git-fixes).
* wifi: iwlwifi: fw: fix compile w/o CONFIG_ACPI (git-fixes).
* wifi: iwlwifi: mvm: allocate STA links only for active links (git-fixes).
* wifi: iwlwifi: mvm: fix active link counting during recovery (git-fixes).
* wifi: iwlwifi: mvm: fix check in iwl_mvm_sta_fw_id_mask (git-fixes).
* wifi: iwlwifi: mvm: guard against invalid STA ID on removal (stable-fixes).
* wifi: iwlwifi: mvm: include link ID when releasing frames (git-fixes).
* wifi: iwlwifi: mvm: init vif works only once (git-fixes).
* wifi: iwlwifi: mvm: remove old PASN station when adding a new one (git-
fixes).
* wifi: iwlwifi: mvm: return uid from iwl_mvm_build_scan_cmd (git-fixes).
* wifi: iwlwifi: mvm: rfi: fix potential response leaks (git-fixes).
* wifi: iwlwifi: mvm: select STA mask only for active links (git-fixes).
* wifi: iwlwifi: mvm: use correct address 3 in A-MSDU (stable-fixes).
* wifi: iwlwifi: pcie: Add the PCI device id for new hardware (stable-fixes).
* wifi: iwlwifi: pcie: fix RB status reading (stable-fixes).
* wifi: iwlwifi: read txq->read_ptr under lock (stable-fixes).
* wifi: iwlwifi: reconfigure TLC during HW restart (git-fixes).
* wifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes (stable-
fixes).
* wifi: mac80211: clean up assignments to pointer cache (stable-fixes).
* wifi: mac80211: fix ieee80211_bss_*_flags kernel-doc (stable-fixes).
* wifi: mac80211: fix prep_connection error path (stable-fixes).
* wifi: mac80211: fix unaligned le16 access (git-fixes).
* wifi: mac80211_hwsim: init peer measurement result (git-fixes).
* wifi: mac80211: only call drv_sta_rc_update for uploaded stations (stable-
fixes).
* wifi: mac80211: remove link before AP (git-fixes).
* wifi: mt76: mt7603: add wpdma tx eof flag for PSE client reset (git-fixes).
* wifi: mt76: mt7603: fix tx queue of loopback packets (git-fixes).
* wifi: mt76: mt7915: workaround too long expansion sparse warnings (git-
fixes).
* wifi: mt76: mt7996: add locking for accessing mapped registers (stable-
fixes).
* wifi: mt76: mt7996: disable AMSDU for non-data frames (stable-fixes).
* wifi: mwl8k: initialize cmd->addr[] properly (git-fixes).
* wifi: nl80211: do not free NULL coalescing rule (git-fixes).
* wifi: rtw88: 8821cu: Fix connection failure (stable-fixes).
* wifi: rtw88: Add missing VID/PIDs for 8811CU and 8821CU (stable-fixes).
* wifi: rtw89: fix null pointer access when abort scan (stable-fixes).
* wifi: rtw89: pci: correct TX resource checking for PCI DMA channel of
firmware command (git-fixes).
* wifi: rtw89: pci: enlarge RX DMA buffer to consider size of RX descriptor
(stable-fixes).
* wireguard: netlink: access device through ctx instead of peer (git-fixes).
* wireguard: netlink: check for dangling peer via is_dead instead of empty
list (git-fixes).
* wireguard: receive: annotate data-race around receiving_counter.counter
(git-fixes).
* Workaround broken chacha crypto fallback (bsc#1218205).
* x86/bugs: Fix BHI retpoline check (git-fixes).
* x86/bugs: Fix the SRSO mitigation on Zen3/4 (git-fixes).
* x86/bugs: Remove default case for fully switched enums (git-fixes).
* x86/calldepth: Rename __x86_return_skl() to call_depth_return_thunk() (git-
fixes).
* x86/coco: Require seeding RNG with RDRAND on CoCo systems (git-fixes).
* x86/cpu: Add model number for Intel Arrow Lake mobile processor (git-fixes).
* x86/CPU/AMD: Add models 0x10-0x1f to the Zen5 range (git-fixes).
* x86/CPU/AMD: Update the Zenbleed microcode revisions (git-fixes).
* x86/cpufeatures: Fix dependencies for GFNI, VAES, and VPCLMULQDQ (git-
fixes).
* x86/efistub: Add missing boot_params for mixed mode compat entry (git-
fixes).
* x86/efistub: Call mixed mode boot services on the firmware's stack (git-
fixes).
* x86/fpu: Keep xfd_state in sync with MSR_IA32_XFD (git-fixes).
* x86/hyperv: Allow 15-bit APIC IDs for VTL platforms (git-fixes).
* x86/hyperv: Use per cpu initial stack for vtl context (git-fixes).
* x86/Kconfig: Remove CONFIG_AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT (git-fixes).
* x86/kconfig: Select ARCH_WANT_FRAME_POINTERS again when
UNWINDER_FRAME_POINTER=y (git-fixes).
* x86/kvm/Kconfig: Have KVM_AMD_SEV select ARCH_HAS_CC_PLATFORM (git-fixes).
* x86/mce: Make sure to grab mce_sysfs_mutex in set_bank() (git-fixes).
* x86/nmi: Fix the inverse "in NMI handler" check (git-fixes).
* x86/nospec: Refactor UNTRAIN_RET[_*] (git-fixes).
* x86/pm: Work around false positive kmemleak report in msr_build_context()
(git-fixes).
* x86/purgatory: Switch to the position-independent small code model (git-
fixes).
* x86/rethunk: Use SYM_CODE_START[_LOCAL]_NOALIGN macros (git-fixes).
* x86/retpoline: Add NOENDBR annotation to the SRSO dummy return thunk (git-
fixes).
* x86/retpoline: Do the necessary fixup to the Zen3/4 srso return thunk for
!SRSO (git-fixes).
* x86/srso: Disentangle rethunk-dependent options (git-fixes).
* x86/srso: Fix unret validation dependencies (git-fixes).
* x86/srso: Improve i-cache locality for alias mitigation (git-fixes).
* x86/srso: Print actual mitigation if requested mitigation isn't possible
(git-fixes).
* x86/srso: Remove 'pred_cmd' label (git-fixes).
* x86/srso: Unexport untraining functions (git-fixes).
* x86/xen: Add some null pointer checking to smp.c (git-fixes).
* x86/xen: attempt to inflate the memory balloon on PVH (git-fixes).
* xdp, bonding: Fix feature flags when there are no slave devs anymore (git-
fixes).
* xen/events: drop xen_allocate_irqs_dynamic() (git-fixes).
* xen/events: fix error code in xen_bind_pirq_msi_to_irq() (git-fixes).
* xen/events: increment refcnt only if event channel is refcounted (git-
fixes).
* xen/events: modify internal [un]bind interfaces (git-fixes).
* xen/events: reduce externally visible helper functions (git-fixes).
* xen/events: remove some simple helpers from events_base.c (git-fixes).
* xen: evtchn: Allow shared registration of IRQ handers (git-fixes).
* xen/evtchn: avoid WARN() when unbinding an event channel (git-fixes).
* xen-netfront: Add missing skb_mark_for_recycle (git-fixes).
* xfs: add lock protection when remove perag from radix tree (git-fixes).
* xfs: allow extent free intents to be retried (git-fixes).
* xfs: fix perag leak when growfs fails (git-fixes).
* xfs: force all buffers to be written during btree bulk load (git-fixes).
* xfs: make xchk_iget safer in the presence of corrupt inode btrees (git-
fixes).
* xfs: pass the xfs_defer_pending object to iop_recover (git-fixes).
* xfs: recompute growfsrtfree transaction reservation while growing rt volume
(git-fixes).
* xfs: transfer recovered intent item ownership in ->iop_recover (git-fixes).
* xfs: use xfs_defer_pending objects to recover intent items (git-fixes).
* xhci: add helper that checks for unhandled events on a event ring (git-
fixes).
* xhci: remove unnecessary event_ring_deq parameter from xhci_handle_event()
(git-fixes).
* xhci: Simplify event ring dequeue pointer update for port change events
(git-fixes).
* xhci: simplify event ring dequeue tracking for transfer events (git-fixes).

## Special Instructions and Notes:

* Please reboot the system after installing this update.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
zypper in -t patch SUSE-2024-2203=1 openSUSE-SLE-15.6-2024-2203=1

* Basesystem Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-2203=1

* Development Tools Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2024-2203=1

* Legacy Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Legacy-15-SP6-2024-2203=1

* SUSE Linux Enterprise Live Patching 15-SP6
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2024-2203=1
Please note that this is the initial kernel livepatch without fixes itself, this
package is later updated by separate standalone kernel livepatch updates.

* SUSE Linux Enterprise High Availability Extension 15 SP6
zypper in -t patch SUSE-SLE-Product-HA-15-SP6-2024-2203=1

* SUSE Linux Enterprise Workstation Extension 15 SP6
zypper in -t patch SUSE-SLE-Product-WE-15-SP6-2024-2203=1

## Package List:

* openSUSE Leap 15.6 (noarch nosrc)
* kernel-docs-6.4.0-150600.23.7.4
* openSUSE Leap 15.6 (noarch)
* kernel-macros-6.4.0-150600.23.7.2
* kernel-devel-6.4.0-150600.23.7.2
* kernel-source-6.4.0-150600.23.7.2
* kernel-docs-html-6.4.0-150600.23.7.4
* kernel-source-vanilla-6.4.0-150600.23.7.2
* openSUSE Leap 15.6 (nosrc ppc64le x86_64)
* kernel-debug-6.4.0-150600.23.7.3
* openSUSE Leap 15.6 (ppc64le x86_64)
* kernel-debug-debugsource-6.4.0-150600.23.7.3
* kernel-debug-devel-6.4.0-150600.23.7.3
* kernel-debug-livepatch-devel-6.4.0-150600.23.7.3
* kernel-debug-devel-debuginfo-6.4.0-150600.23.7.3
* kernel-debug-debuginfo-6.4.0-150600.23.7.3
* openSUSE Leap 15.6 (x86_64)
* kernel-default-vdso-6.4.0-150600.23.7.3
* kernel-kvmsmall-vdso-debuginfo-6.4.0-150600.23.7.3
* kernel-default-vdso-debuginfo-6.4.0-150600.23.7.3
* kernel-kvmsmall-vdso-6.4.0-150600.23.7.3
* kernel-debug-vdso-6.4.0-150600.23.7.3
* kernel-debug-vdso-debuginfo-6.4.0-150600.23.7.3
* openSUSE Leap 15.6 (aarch64 ppc64le x86_64)
* kernel-kvmsmall-livepatch-devel-6.4.0-150600.23.7.3
* kernel-kvmsmall-debuginfo-6.4.0-150600.23.7.3
* kernel-kvmsmall-debugsource-6.4.0-150600.23.7.3
* kernel-default-base-rebuild-6.4.0-150600.23.7.3.150600.12.2.7
* kernel-kvmsmall-devel-debuginfo-6.4.0-150600.23.7.3
* kernel-kvmsmall-devel-6.4.0-150600.23.7.3
* kernel-default-base-6.4.0-150600.23.7.3.150600.12.2.7
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
* cluster-md-kmp-default-debuginfo-6.4.0-150600.23.7.3
* kernel-default-livepatch-devel-6.4.0-150600.23.7.3
* kernel-default-debuginfo-6.4.0-150600.23.7.3
* reiserfs-kmp-default-6.4.0-150600.23.7.3
* kselftests-kmp-default-debuginfo-6.4.0-150600.23.7.3
* ocfs2-kmp-default-6.4.0-150600.23.7.3
* ocfs2-kmp-default-debuginfo-6.4.0-150600.23.7.3
* kernel-obs-build-6.4.0-150600.23.7.3
* kernel-obs-build-debugsource-6.4.0-150600.23.7.3
* kernel-default-extra-debuginfo-6.4.0-150600.23.7.3
* dlm-kmp-default-debuginfo-6.4.0-150600.23.7.3
* kernel-default-optional-6.4.0-150600.23.7.3
* kernel-default-devel-debuginfo-6.4.0-150600.23.7.3
* kernel-default-debugsource-6.4.0-150600.23.7.3
* kselftests-kmp-default-6.4.0-150600.23.7.3
* kernel-default-devel-6.4.0-150600.23.7.3
* kernel-default-extra-6.4.0-150600.23.7.3
* reiserfs-kmp-default-debuginfo-6.4.0-150600.23.7.3
* kernel-default-livepatch-6.4.0-150600.23.7.3
* gfs2-kmp-default-debuginfo-6.4.0-150600.23.7.3
* kernel-obs-qa-6.4.0-150600.23.7.1
* kernel-default-optional-debuginfo-6.4.0-150600.23.7.3
* dlm-kmp-default-6.4.0-150600.23.7.3
* kernel-syms-6.4.0-150600.23.7.1
* gfs2-kmp-default-6.4.0-150600.23.7.3
* cluster-md-kmp-default-6.4.0-150600.23.7.3
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 nosrc)
* kernel-default-6.4.0-150600.23.7.3
* openSUSE Leap 15.6 (aarch64 nosrc ppc64le x86_64)
* kernel-kvmsmall-6.4.0-150600.23.7.3
* openSUSE Leap 15.6 (ppc64le s390x x86_64)
* kernel-livepatch-SLE15-SP6_Update_1-debugsource-1-150600.13.3.7
* kernel-livepatch-6_4_0-150600_23_7-default-debuginfo-1-150600.13.3.7
* kernel-livepatch-6_4_0-150600_23_7-default-1-150600.13.3.7
* openSUSE Leap 15.6 (nosrc s390x)
* kernel-zfcpdump-6.4.0-150600.23.7.3
* openSUSE Leap 15.6 (s390x)
* kernel-zfcpdump-debugsource-6.4.0-150600.23.7.3
* kernel-zfcpdump-debuginfo-6.4.0-150600.23.7.3
* openSUSE Leap 15.6 (nosrc)
* dtb-aarch64-6.4.0-150600.23.7.1
* openSUSE Leap 15.6 (aarch64)
* reiserfs-kmp-64kb-debuginfo-6.4.0-150600.23.7.3
* dtb-rockchip-6.4.0-150600.23.7.1
* kernel-64kb-extra-6.4.0-150600.23.7.3
* ocfs2-kmp-64kb-debuginfo-6.4.0-150600.23.7.3
* gfs2-kmp-64kb-debuginfo-6.4.0-150600.23.7.3
* kernel-64kb-devel-debuginfo-6.4.0-150600.23.7.3
* kselftests-kmp-64kb-debuginfo-6.4.0-150600.23.7.3
* dlm-kmp-64kb-debuginfo-6.4.0-150600.23.7.3
* dtb-broadcom-6.4.0-150600.23.7.1
* dtb-sprd-6.4.0-150600.23.7.1
* kernel-64kb-debuginfo-6.4.0-150600.23.7.3
* ocfs2-kmp-64kb-6.4.0-150600.23.7.3
* dtb-amazon-6.4.0-150600.23.7.1
* dtb-allwinner-6.4.0-150600.23.7.1
* dtb-amlogic-6.4.0-150600.23.7.1
* dtb-lg-6.4.0-150600.23.7.1
* dtb-altera-6.4.0-150600.23.7.1
* dtb-socionext-6.4.0-150600.23.7.1
* dtb-mediatek-6.4.0-150600.23.7.1
* gfs2-kmp-64kb-6.4.0-150600.23.7.3
* dtb-amd-6.4.0-150600.23.7.1
* dtb-freescale-6.4.0-150600.23.7.1
* kernel-64kb-extra-debuginfo-6.4.0-150600.23.7.3
* kernel-64kb-optional-6.4.0-150600.23.7.3
* dtb-renesas-6.4.0-150600.23.7.1
* kselftests-kmp-64kb-6.4.0-150600.23.7.3
* cluster-md-kmp-64kb-6.4.0-150600.23.7.3
* kernel-64kb-devel-6.4.0-150600.23.7.3
* dtb-apple-6.4.0-150600.23.7.1
* dtb-arm-6.4.0-150600.23.7.1
* dlm-kmp-64kb-6.4.0-150600.23.7.3
* kernel-64kb-optional-debuginfo-6.4.0-150600.23.7.3
* dtb-exynos-6.4.0-150600.23.7.1
* dtb-xilinx-6.4.0-150600.23.7.1
* cluster-md-kmp-64kb-debuginfo-6.4.0-150600.23.7.3
* reiserfs-kmp-64kb-6.4.0-150600.23.7.3
* kernel-64kb-debugsource-6.4.0-150600.23.7.3
* kernel-64kb-livepatch-devel-6.4.0-150600.23.7.3
* dtb-cavium-6.4.0-150600.23.7.1
* dtb-nvidia-6.4.0-150600.23.7.1
* dtb-apm-6.4.0-150600.23.7.1
* dtb-qcom-6.4.0-150600.23.7.1
* dtb-marvell-6.4.0-150600.23.7.1
* dtb-hisilicon-6.4.0-150600.23.7.1
* openSUSE Leap 15.6 (aarch64 nosrc)
* kernel-64kb-6.4.0-150600.23.7.3
* Basesystem Module 15-SP6 (aarch64 nosrc)
* kernel-64kb-6.4.0-150600.23.7.3
* Basesystem Module 15-SP6 (aarch64)
* kernel-64kb-devel-6.4.0-150600.23.7.3
* kernel-64kb-debugsource-6.4.0-150600.23.7.3
* kernel-64kb-devel-debuginfo-6.4.0-150600.23.7.3
* kernel-64kb-debuginfo-6.4.0-150600.23.7.3
* Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64 nosrc)
* kernel-default-6.4.0-150600.23.7.3
* Basesystem Module 15-SP6 (aarch64 ppc64le x86_64)
* kernel-default-base-6.4.0-150600.23.7.3.150600.12.2.7
* Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* kernel-default-debuginfo-6.4.0-150600.23.7.3
* kernel-default-devel-6.4.0-150600.23.7.3
* kernel-default-devel-debuginfo-6.4.0-150600.23.7.3
* kernel-default-debugsource-6.4.0-150600.23.7.3
* Basesystem Module 15-SP6 (noarch)
* kernel-macros-6.4.0-150600.23.7.2
* kernel-devel-6.4.0-150600.23.7.2
* Basesystem Module 15-SP6 (nosrc s390x)
* kernel-zfcpdump-6.4.0-150600.23.7.3
* Basesystem Module 15-SP6 (s390x)
* kernel-zfcpdump-debugsource-6.4.0-150600.23.7.3
* kernel-zfcpdump-debuginfo-6.4.0-150600.23.7.3
* Development Tools Module 15-SP6 (noarch nosrc)
* kernel-docs-6.4.0-150600.23.7.4
* Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* kernel-obs-build-debugsource-6.4.0-150600.23.7.3
* kernel-obs-build-6.4.0-150600.23.7.3
* kernel-syms-6.4.0-150600.23.7.1
* Development Tools Module 15-SP6 (noarch)
* kernel-source-6.4.0-150600.23.7.2
* Legacy Module 15-SP6 (nosrc)
* kernel-default-6.4.0-150600.23.7.3
* Legacy Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* kernel-default-debuginfo-6.4.0-150600.23.7.3
* reiserfs-kmp-default-6.4.0-150600.23.7.3
* reiserfs-kmp-default-debuginfo-6.4.0-150600.23.7.3
* kernel-default-debugsource-6.4.0-150600.23.7.3
* SUSE Linux Enterprise Live Patching 15-SP6 (nosrc)
* kernel-default-6.4.0-150600.23.7.3
* SUSE Linux Enterprise Live Patching 15-SP6 (ppc64le s390x x86_64)
* kernel-livepatch-SLE15-SP6_Update_1-debugsource-1-150600.13.3.7
* kernel-default-debugsource-6.4.0-150600.23.7.3
* kernel-default-livepatch-devel-6.4.0-150600.23.7.3
* kernel-livepatch-6_4_0-150600_23_7-default-1-150600.13.3.7
* kernel-default-debuginfo-6.4.0-150600.23.7.3
* kernel-livepatch-6_4_0-150600_23_7-default-debuginfo-1-150600.13.3.7
* kernel-default-livepatch-6.4.0-150600.23.7.3
* SUSE Linux Enterprise High Availability Extension 15 SP6 (aarch64 ppc64le
s390x x86_64)
* ocfs2-kmp-default-6.4.0-150600.23.7.3
* ocfs2-kmp-default-debuginfo-6.4.0-150600.23.7.3
* cluster-md-kmp-default-debuginfo-6.4.0-150600.23.7.3
* gfs2-kmp-default-debuginfo-6.4.0-150600.23.7.3
* kernel-default-debugsource-6.4.0-150600.23.7.3
* kernel-default-debuginfo-6.4.0-150600.23.7.3
* dlm-kmp-default-6.4.0-150600.23.7.3
* gfs2-kmp-default-6.4.0-150600.23.7.3
* dlm-kmp-default-debuginfo-6.4.0-150600.23.7.3
* cluster-md-kmp-default-6.4.0-150600.23.7.3
* SUSE Linux Enterprise High Availability Extension 15 SP6 (nosrc)
* kernel-default-6.4.0-150600.23.7.3
* SUSE Linux Enterprise Workstation Extension 15 SP6 (nosrc)
* kernel-default-6.4.0-150600.23.7.3
* SUSE Linux Enterprise Workstation Extension 15 SP6 (x86_64)
* kernel-default-debuginfo-6.4.0-150600.23.7.3
* kernel-default-extra-debuginfo-6.4.0-150600.23.7.3
* kernel-default-extra-6.4.0-150600.23.7.3
* kernel-default-debugsource-6.4.0-150600.23.7.3

## References:

* https://www.suse.com/security/cve/CVE-2023-0160.html
* https://www.suse.com/security/cve/CVE-2023-52434.html
* https://www.suse.com/security/cve/CVE-2023-52458.html
* https://www.suse.com/security/cve/CVE-2023-52472.html
* https://www.suse.com/security/cve/CVE-2023-52503.html
* https://www.suse.com/security/cve/CVE-2023-52616.html
* https://www.suse.com/security/cve/CVE-2023-52618.html
* https://www.suse.com/security/cve/CVE-2023-52631.html
* https://www.suse.com/security/cve/CVE-2023-52635.html
* https://www.suse.com/security/cve/CVE-2023-52640.html
* https://www.suse.com/security/cve/CVE-2023-52641.html
* https://www.suse.com/security/cve/CVE-2023-52645.html
* https://www.suse.com/security/cve/CVE-2023-52652.html
* https://www.suse.com/security/cve/CVE-2023-52653.html
* https://www.suse.com/security/cve/CVE-2023-52654.html
* https://www.suse.com/security/cve/CVE-2023-52655.html
* https://www.suse.com/security/cve/CVE-2023-52657.html
* https://www.suse.com/security/cve/CVE-2023-52658.html
* https://www.suse.com/security/cve/CVE-2023-52659.html
* https://www.suse.com/security/cve/CVE-2023-52660.html
* https://www.suse.com/security/cve/CVE-2023-52661.html
* https://www.suse.com/security/cve/CVE-2023-52662.html
* https://www.suse.com/security/cve/CVE-2023-52663.html
* https://www.suse.com/security/cve/CVE-2023-52664.html
* https://www.suse.com/security/cve/CVE-2023-52667.html
* https://www.suse.com/security/cve/CVE-2023-52669.html
* https://www.suse.com/security/cve/CVE-2023-52670.html
* https://www.suse.com/security/cve/CVE-2023-52671.html
* https://www.suse.com/security/cve/CVE-2023-52673.html
* https://www.suse.com/security/cve/CVE-2023-52674.html
* https://www.suse.com/security/cve/CVE-2023-52675.html
* https://www.suse.com/security/cve/CVE-2023-52676.html
* https://www.suse.com/security/cve/CVE-2023-52678.html
* https://www.suse.com/security/cve/CVE-2023-52679.html
* https://www.suse.com/security/cve/CVE-2023-52680.html
* https://www.suse.com/security/cve/CVE-2023-52681.html
* https://www.suse.com/security/cve/CVE-2023-52683.html
* https://www.suse.com/security/cve/CVE-2023-52685.html
* https://www.suse.com/security/cve/CVE-2023-52686.html
* https://www.suse.com/security/cve/CVE-2023-52687.html
* https://www.suse.com/security/cve/CVE-2023-52690.html
* https://www.suse.com/security/cve/CVE-2023-52691.html
* https://www.suse.com/security/cve/CVE-2023-52692.html
* https://www.suse.com/security/cve/CVE-2023-52693.html
* https://www.suse.com/security/cve/CVE-2023-52694.html
* https://www.suse.com/security/cve/CVE-2023-52695.html
* https://www.suse.com/security/cve/CVE-2023-52696.html
* https://www.suse.com/security/cve/CVE-2023-52697.html
* https://www.suse.com/security/cve/CVE-2023-52698.html
* https://www.suse.com/security/cve/CVE-2023-52771.html
* https://www.suse.com/security/cve/CVE-2023-52772.html
* https://www.suse.com/security/cve/CVE-2023-52860.html
* https://www.suse.com/security/cve/CVE-2023-52882.html
* https://www.suse.com/security/cve/CVE-2023-6238.html
* https://www.suse.com/security/cve/CVE-2023-7042.html
* https://www.suse.com/security/cve/CVE-2024-0639.html
* https://www.suse.com/security/cve/CVE-2024-21823.html
* https://www.suse.com/security/cve/CVE-2024-22099.html
* https://www.suse.com/security/cve/CVE-2024-23848.html
* https://www.suse.com/security/cve/CVE-2024-24861.html
* https://www.suse.com/security/cve/CVE-2024-25739.html
* https://www.suse.com/security/cve/CVE-2024-26601.html
* https://www.suse.com/security/cve/CVE-2024-26611.html
* https://www.suse.com/security/cve/CVE-2024-26614.html
* https://www.suse.com/security/cve/CVE-2024-26632.html
* https://www.suse.com/security/cve/CVE-2024-26638.html
* https://www.suse.com/security/cve/CVE-2024-26642.html
* https://www.suse.com/security/cve/CVE-2024-26643.html
* https://www.suse.com/security/cve/CVE-2024-26650.html
* https://www.suse.com/security/cve/CVE-2024-26654.html
* https://www.suse.com/security/cve/CVE-2024-26656.html
* https://www.suse.com/security/cve/CVE-2024-26657.html
* https://www.suse.com/security/cve/CVE-2024-26671.html
* https://www.suse.com/security/cve/CVE-2024-26673.html
* https://www.suse.com/security/cve/CVE-2024-26674.html
* https://www.suse.com/security/cve/CVE-2024-26679.html
* https://www.suse.com/security/cve/CVE-2024-26684.html
* https://www.suse.com/security/cve/CVE-2024-26685.html
* https://www.suse.com/security/cve/CVE-2024-26692.html
* https://www.suse.com/security/cve/CVE-2024-26704.html
* https://www.suse.com/security/cve/CVE-2024-26714.html
* https://www.suse.com/security/cve/CVE-2024-26726.html
* https://www.suse.com/security/cve/CVE-2024-26731.html
* https://www.suse.com/security/cve/CVE-2024-26733.html
* https://www.suse.com/security/cve/CVE-2024-26737.html
* https://www.suse.com/security/cve/CVE-2024-26739.html
* https://www.suse.com/security/cve/CVE-2024-26740.html
* https://www.suse.com/security/cve/CVE-2024-26742.html
* https://www.suse.com/security/cve/CVE-2024-26760.html
* https://www.suse.com/security/cve/CVE-2024-267600.html
* https://www.suse.com/security/cve/CVE-2024-26761.html
* https://www.suse.com/security/cve/CVE-2024-26764.html
* https://www.suse.com/security/cve/CVE-2024-26769.html
* https://www.suse.com/security/cve/CVE-2024-26772.html
* https://www.suse.com/security/cve/CVE-2024-26773.html
* https://www.suse.com/security/cve/CVE-2024-26774.html
* https://www.suse.com/security/cve/CVE-2024-26775.html
* https://www.suse.com/security/cve/CVE-2024-26783.html
* https://www.suse.com/security/cve/CVE-2024-26786.html
* https://www.suse.com/security/cve/CVE-2024-26791.html
* https://www.suse.com/security/cve/CVE-2024-26793.html
* https://www.suse.com/security/cve/CVE-2024-26794.html
* https://www.suse.com/security/cve/CVE-2024-26802.html
* https://www.suse.com/security/cve/CVE-2024-26805.html
* https://www.suse.com/security/cve/CVE-2024-26807.html
* https://www.suse.com/security/cve/CVE-2024-26815.html
* https://www.suse.com/security/cve/CVE-2024-26816.html
* https://www.suse.com/security/cve/CVE-2024-26822.html
* https://www.suse.com/security/cve/CVE-2024-26832.html
* https://www.suse.com/security/cve/CVE-2024-26836.html
* https://www.suse.com/security/cve/CVE-2024-26844.html
* https://www.suse.com/security/cve/CVE-2024-26846.html
* https://www.suse.com/security/cve/CVE-2024-26853.html
* https://www.suse.com/security/cve/CVE-2024-26854.html
* https://www.suse.com/security/cve/CVE-2024-26855.html
* https://www.suse.com/security/cve/CVE-2024-26856.html
* https://www.suse.com/security/cve/CVE-2024-26857.html
* https://www.suse.com/security/cve/CVE-2024-26858.html
* https://www.suse.com/security/cve/CVE-2024-26860.html
* https://www.suse.com/security/cve/CVE-2024-26861.html
* https://www.suse.com/security/cve/CVE-2024-26862.html
* https://www.suse.com/security/cve/CVE-2024-26866.html
* https://www.suse.com/security/cve/CVE-2024-26868.html
* https://www.suse.com/security/cve/CVE-2024-26870.html
* https://www.suse.com/security/cve/CVE-2024-26878.html
* https://www.suse.com/security/cve/CVE-2024-26881.html
* https://www.suse.com/security/cve/CVE-2024-26882.html
* https://www.suse.com/security/cve/CVE-2024-26883.html
* https://www.suse.com/security/cve/CVE-2024-26884.html
* https://www.suse.com/security/cve/CVE-2024-26885.html
* https://www.suse.com/security/cve/CVE-2024-26899.html
* https://www.suse.com/security/cve/CVE-2024-26900.html
* https://www.suse.com/security/cve/CVE-2024-26901.html
* https://www.suse.com/security/cve/CVE-2024-26903.html
* https://www.suse.com/security/cve/CVE-2024-26906.html
* https://www.suse.com/security/cve/CVE-2024-26909.html
* https://www.suse.com/security/cve/CVE-2024-26921.html
* https://www.suse.com/security/cve/CVE-2024-26922.html
* https://www.suse.com/security/cve/CVE-2024-26923.html
* https://www.suse.com/security/cve/CVE-2024-26925.html
* https://www.suse.com/security/cve/CVE-2024-26928.html
* https://www.suse.com/security/cve/CVE-2024-26932.html
* https://www.suse.com/security/cve/CVE-2024-26933.html
* https://www.suse.com/security/cve/CVE-2024-26934.html
* https://www.suse.com/security/cve/CVE-2024-26935.html
* https://www.suse.com/security/cve/CVE-2024-26937.html
* https://www.suse.com/security/cve/CVE-2024-26938.html
* https://www.suse.com/security/cve/CVE-2024-26940.html
* https://www.suse.com/security/cve/CVE-2024-26943.html
* https://www.suse.com/security/cve/CVE-2024-26945.html
* https://www.suse.com/security/cve/CVE-2024-26946.html
* https://www.suse.com/security/cve/CVE-2024-26948.html
* https://www.suse.com/security/cve/CVE-2024-26949.html
* https://www.suse.com/security/cve/CVE-2024-26950.html
* https://www.suse.com/security/cve/CVE-2024-26951.html
* https://www.suse.com/security/cve/CVE-2024-26957.html
* https://www.suse.com/security/cve/CVE-2024-26958.html
* https://www.suse.com/security/cve/CVE-2024-26960.html
* https://www.suse.com/security/cve/CVE-2024-26961.html
* https://www.suse.com/security/cve/CVE-2024-26962.html
* https://www.suse.com/security/cve/CVE-2024-26963.html
* https://www.suse.com/security/cve/CVE-2024-26964.html
* https://www.suse.com/security/cve/CVE-2024-26972.html
* https://www.suse.com/security/cve/CVE-2024-26973.html
* https://www.suse.com/security/cve/CVE-2024-26978.html
* https://www.suse.com/security/cve/CVE-2024-26981.html
* https://www.suse.com/security/cve/CVE-2024-26982.html
* https://www.suse.com/security/cve/CVE-2024-26983.html
* https://www.suse.com/security/cve/CVE-2024-26984.html
* https://www.suse.com/security/cve/CVE-2024-26986.html
* https://www.suse.com/security/cve/CVE-2024-26988.html
* https://www.suse.com/security/cve/CVE-2024-26989.html
* https://www.suse.com/security/cve/CVE-2024-26990.html
* https://www.suse.com/security/cve/CVE-2024-26991.html
* https://www.suse.com/security/cve/CVE-2024-26992.html
* https://www.suse.com/security/cve/CVE-2024-26993.html
* https://www.suse.com/security/cve/CVE-2024-26994.html
* https://www.suse.com/security/cve/CVE-2024-26995.html
* https://www.suse.com/security/cve/CVE-2024-26996.html
* https://www.suse.com/security/cve/CVE-2024-26997.html
* https://www.suse.com/security/cve/CVE-2024-26999.html
* https://www.suse.com/security/cve/CVE-2024-27000.html
* https://www.suse.com/security/cve/CVE-2024-27001.html
* https://www.suse.com/security/cve/CVE-2024-27002.html
* https://www.suse.com/security/cve/CVE-2024-27003.html
* https://www.suse.com/security/cve/CVE-2024-27004.html
* https://www.suse.com/security/cve/CVE-2024-27008.html
* https://www.suse.com/security/cve/CVE-2024-27013.html
* https://www.suse.com/security/cve/CVE-2024-27014.html
* https://www.suse.com/security/cve/CVE-2024-27022.html
* https://www.suse.com/security/cve/CVE-2024-27027.html
* https://www.suse.com/security/cve/CVE-2024-27028.html
* https://www.suse.com/security/cve/CVE-2024-27029.html
* https://www.suse.com/security/cve/CVE-2024-27030.html
* https://www.suse.com/security/cve/CVE-2024-27031.html
* https://www.suse.com/security/cve/CVE-2024-27036.html
* https://www.suse.com/security/cve/CVE-2024-27046.html
* https://www.suse.com/security/cve/CVE-2024-27056.html
* https://www.suse.com/security/cve/CVE-2024-27057.html
* https://www.suse.com/security/cve/CVE-2024-27062.html
* https://www.suse.com/security/cve/CVE-2024-27067.html
* https://www.suse.com/security/cve/CVE-2024-27080.html
* https://www.suse.com/security/cve/CVE-2024-27388.html
* https://www.suse.com/security/cve/CVE-2024-27389.html
* https://www.suse.com/security/cve/CVE-2024-27393.html
* https://www.suse.com/security/cve/CVE-2024-27395.html
* https://www.suse.com/security/cve/CVE-2024-27396.html
* https://www.suse.com/security/cve/CVE-2024-27398.html
* https://www.suse.com/security/cve/CVE-2024-27399.html
* https://www.suse.com/security/cve/CVE-2024-27400.html
* https://www.suse.com/security/cve/CVE-2024-27401.html
* https://www.suse.com/security/cve/CVE-2024-27405.html
* https://www.suse.com/security/cve/CVE-2024-27408.html
* https://www.suse.com/security/cve/CVE-2024-27410.html
* https://www.suse.com/security/cve/CVE-2024-27411.html
* https://www.suse.com/security/cve/CVE-2024-27412.html
* https://www.suse.com/security/cve/CVE-2024-27413.html
* https://www.suse.com/security/cve/CVE-2024-27416.html
* https://www.suse.com/security/cve/CVE-2024-27417.html
* https://www.suse.com/security/cve/CVE-2024-27418.html
* https://www.suse.com/security/cve/CVE-2024-27431.html
* https://www.suse.com/security/cve/CVE-2024-27432.html
* https://www.suse.com/security/cve/CVE-2024-27434.html
* https://www.suse.com/security/cve/CVE-2024-27435.html
* https://www.suse.com/security/cve/CVE-2024-27436.html
* https://www.suse.com/security/cve/CVE-2024-35784.html
* https://www.suse.com/security/cve/CVE-2024-35786.html
* https://www.suse.com/security/cve/CVE-2024-35788.html
* https://www.suse.com/security/cve/CVE-2024-35789.html
* https://www.suse.com/security/cve/CVE-2024-35790.html
* https://www.suse.com/security/cve/CVE-2024-35791.html
* https://www.suse.com/security/cve/CVE-2024-35794.html
* https://www.suse.com/security/cve/CVE-2024-35795.html
* https://www.suse.com/security/cve/CVE-2024-35796.html
* https://www.suse.com/security/cve/CVE-2024-35799.html
* https://www.suse.com/security/cve/CVE-2024-35800.html
* https://www.suse.com/security/cve/CVE-2024-35801.html
* https://www.suse.com/security/cve/CVE-2024-35803.html
* https://www.suse.com/security/cve/CVE-2024-35804.html
* https://www.suse.com/security/cve/CVE-2024-35806.html
* https://www.suse.com/security/cve/CVE-2024-35808.html
* https://www.suse.com/security/cve/CVE-2024-35809.html
* https://www.suse.com/security/cve/CVE-2024-35810.html
* https://www.suse.com/security/cve/CVE-2024-35811.html
* https://www.suse.com/security/cve/CVE-2024-35812.html
* https://www.suse.com/security/cve/CVE-2024-35813.html
* https://www.suse.com/security/cve/CVE-2024-35814.html
* https://www.suse.com/security/cve/CVE-2024-35815.html
* https://www.suse.com/security/cve/CVE-2024-35817.html
* https://www.suse.com/security/cve/CVE-2024-35819.html
* https://www.suse.com/security/cve/CVE-2024-35821.html
* https://www.suse.com/security/cve/CVE-2024-35822.html
* https://www.suse.com/security/cve/CVE-2024-35823.html
* https://www.suse.com/security/cve/CVE-2024-35824.html
* https://www.suse.com/security/cve/CVE-2024-35825.html
* https://www.suse.com/security/cve/CVE-2024-35828.html
* https://www.suse.com/security/cve/CVE-2024-35829.html
* https://www.suse.com/security/cve/CVE-2024-35830.html
* https://www.suse.com/security/cve/CVE-2024-35833.html
* https://www.suse.com/security/cve/CVE-2024-35834.html
* https://www.suse.com/security/cve/CVE-2024-35835.html
* https://www.suse.com/security/cve/CVE-2024-35836.html
* https://www.suse.com/security/cve/CVE-2024-35837.html
* https://www.suse.com/security/cve/CVE-2024-35838.html
* https://www.suse.com/security/cve/CVE-2024-35841.html
* https://www.suse.com/security/cve/CVE-2024-35842.html
* https://www.suse.com/security/cve/CVE-2024-35845.html
* https://www.suse.com/security/cve/CVE-2024-35847.html
* https://www.suse.com/security/cve/CVE-2024-35849.html
* https://www.suse.com/security/cve/CVE-2024-35850.html
* https://www.suse.com/security/cve/CVE-2024-35851.html
* https://www.suse.com/security/cve/CVE-2024-35852.html
* https://www.suse.com/security/cve/CVE-2024-35854.html
* https://www.suse.com/security/cve/CVE-2024-35860.html
* https://www.suse.com/security/cve/CVE-2024-35861.html
* https://www.suse.com/security/cve/CVE-2024-35862.html
* https://www.suse.com/security/cve/CVE-2024-35863.html
* https://www.suse.com/security/cve/CVE-2024-35864.html
* https://www.suse.com/security/cve/CVE-2024-35865.html
* https://www.suse.com/security/cve/CVE-2024-35866.html
* https://www.suse.com/security/cve/CVE-2024-35867.html
* https://www.suse.com/security/cve/CVE-2024-35868.html
* https://www.suse.com/security/cve/CVE-2024-35869.html
* https://www.suse.com/security/cve/CVE-2024-35870.html
* https://www.suse.com/security/cve/CVE-2024-35872.html
* https://www.suse.com/security/cve/CVE-2024-35875.html
* https://www.suse.com/security/cve/CVE-2024-35877.html
* https://www.suse.com/security/cve/CVE-2024-35878.html
* https://www.suse.com/security/cve/CVE-2024-35879.html
* https://www.suse.com/security/cve/CVE-2024-35883.html
* https://www.suse.com/security/cve/CVE-2024-35885.html
* https://www.suse.com/security/cve/CVE-2024-35887.html
* https://www.suse.com/security/cve/CVE-2024-35889.html
* https://www.suse.com/security/cve/CVE-2024-35891.html
* https://www.suse.com/security/cve/CVE-2024-35895.html
* https://www.suse.com/security/cve/CVE-2024-35901.html
* https://www.suse.com/security/cve/CVE-2024-35903.html
* https://www.suse.com/security/cve/CVE-2024-35904.html
* https://www.suse.com/security/cve/CVE-2024-35905.html
* https://www.suse.com/security/cve/CVE-2024-35907.html
* https://www.suse.com/security/cve/CVE-2024-35909.html
* https://www.suse.com/security/cve/CVE-2024-35911.html
* https://www.suse.com/security/cve/CVE-2024-35912.html
* https://www.suse.com/security/cve/CVE-2024-35914.html
* https://www.suse.com/security/cve/CVE-2024-35915.html
* https://www.suse.com/security/cve/CVE-2024-35916.html
* https://www.suse.com/security/cve/CVE-2024-35917.html
* https://www.suse.com/security/cve/CVE-2024-35921.html
* https://www.suse.com/security/cve/CVE-2024-35922.html
* https://www.suse.com/security/cve/CVE-2024-35924.html
* https://www.suse.com/security/cve/CVE-2024-35927.html
* https://www.suse.com/security/cve/CVE-2024-35928.html
* https://www.suse.com/security/cve/CVE-2024-35930.html
* https://www.suse.com/security/cve/CVE-2024-35931.html
* https://www.suse.com/security/cve/CVE-2024-35932.html
* https://www.suse.com/security/cve/CVE-2024-35933.html
* https://www.suse.com/security/cve/CVE-2024-35935.html
* https://www.suse.com/security/cve/CVE-2024-35936.html
* https://www.suse.com/security/cve/CVE-2024-35937.html
* https://www.suse.com/security/cve/CVE-2024-35938.html
* https://www.suse.com/security/cve/CVE-2024-35940.html
* https://www.suse.com/security/cve/CVE-2024-35943.html
* https://www.suse.com/security/cve/CVE-2024-35944.html
* https://www.suse.com/security/cve/CVE-2024-35945.html
* https://www.suse.com/security/cve/CVE-2024-35946.html
* https://www.suse.com/security/cve/CVE-2024-35947.html
* https://www.suse.com/security/cve/CVE-2024-35950.html
* https://www.suse.com/security/cve/CVE-2024-35951.html
* https://www.suse.com/security/cve/CVE-2024-35952.html
* https://www.suse.com/security/cve/CVE-2024-35953.html
* https://www.suse.com/security/cve/CVE-2024-35954.html
* https://www.suse.com/security/cve/CVE-2024-35955.html
* https://www.suse.com/security/cve/CVE-2024-35956.html
* https://www.suse.com/security/cve/CVE-2024-35958.html
* https://www.suse.com/security/cve/CVE-2024-35959.html
* https://www.suse.com/security/cve/CVE-2024-35960.html
* https://www.suse.com/security/cve/CVE-2024-35961.html
* https://www.suse.com/security/cve/CVE-2024-35963.html
* https://www.suse.com/security/cve/CVE-2024-35964.html
* https://www.suse.com/security/cve/CVE-2024-35965.html
* https://www.suse.com/security/cve/CVE-2024-35966.html
* https://www.suse.com/security/cve/CVE-2024-35967.html
* https://www.suse.com/security/cve/CVE-2024-35969.html
* https://www.suse.com/security/cve/CVE-2024-35971.html
* https://www.suse.com/security/cve/CVE-2024-35972.html
* https://www.suse.com/security/cve/CVE-2024-35973.html
* https://www.suse.com/security/cve/CVE-2024-35974.html
* https://www.suse.com/security/cve/CVE-2024-35975.html
* https://www.suse.com/security/cve/CVE-2024-35977.html
* https://www.suse.com/security/cve/CVE-2024-35978.html
* https://www.suse.com/security/cve/CVE-2024-35981.html
* https://www.suse.com/security/cve/CVE-2024-35982.html
* https://www.suse.com/security/cve/CVE-2024-35984.html
* https://www.suse.com/security/cve/CVE-2024-35986.html
* https://www.suse.com/security/cve/CVE-2024-35989.html
* https://www.suse.com/security/cve/CVE-2024-35990.html
* https://www.suse.com/security/cve/CVE-2024-35991.html
* https://www.suse.com/security/cve/CVE-2024-35992.html
* https://www.suse.com/security/cve/CVE-2024-35995.html
* https://www.suse.com/security/cve/CVE-2024-35997.html
* https://www.suse.com/security/cve/CVE-2024-35999.html
* https://www.suse.com/security/cve/CVE-2024-36002.html
* https://www.suse.com/security/cve/CVE-2024-36006.html
* https://www.suse.com/security/cve/CVE-2024-36007.html
* https://www.suse.com/security/cve/CVE-2024-36009.html
* https://www.suse.com/security/cve/CVE-2024-36011.html
* https://www.suse.com/security/cve/CVE-2024-36012.html
* https://www.suse.com/security/cve/CVE-2024-36013.html
* https://www.suse.com/security/cve/CVE-2024-36014.html
* https://www.suse.com/security/cve/CVE-2024-36015.html
* https://www.suse.com/security/cve/CVE-2024-36016.html
* https://www.suse.com/security/cve/CVE-2024-36018.html
* https://www.suse.com/security/cve/CVE-2024-36019.html
* https://www.suse.com/security/cve/CVE-2024-36020.html
* https://www.suse.com/security/cve/CVE-2024-36021.html
* https://www.suse.com/security/cve/CVE-2024-36025.html
* https://www.suse.com/security/cve/CVE-2024-36026.html
* https://www.suse.com/security/cve/CVE-2024-36029.html
* https://www.suse.com/security/cve/CVE-2024-36030.html
* https://www.suse.com/security/cve/CVE-2024-36032.html
* https://www.suse.com/security/cve/CVE-2024-36880.html
* https://www.suse.com/security/cve/CVE-2024-36885.html
* https://www.suse.com/security/cve/CVE-2024-36890.html
* https://www.suse.com/security/cve/CVE-2024-36891.html
* https://www.suse.com/security/cve/CVE-2024-36893.html
* https://www.suse.com/security/cve/CVE-2024-36894.html
* https://www.suse.com/security/cve/CVE-2024-36895.html
* https://www.suse.com/security/cve/CVE-2024-36896.html
* https://www.suse.com/security/cve/CVE-2024-36897.html
* https://www.suse.com/security/cve/CVE-2024-36898.html
* https://www.suse.com/security/cve/CVE-2024-36906.html
* https://www.suse.com/security/cve/CVE-2024-36918.html
* https://www.suse.com/security/cve/CVE-2024-36921.html
* https://www.suse.com/security/cve/CVE-2024-36922.html
* https://www.suse.com/security/cve/CVE-2024-36928.html
* https://www.suse.com/security/cve/CVE-2024-36930.html
* https://www.suse.com/security/cve/CVE-2024-36931.html
* https://www.suse.com/security/cve/CVE-2024-36936.html
* https://www.suse.com/security/cve/CVE-2024-36940.html
* https://www.suse.com/security/cve/CVE-2024-36941.html
* https://www.suse.com/security/cve/CVE-2024-36942.html
* https://www.suse.com/security/cve/CVE-2024-36944.html
* https://www.suse.com/security/cve/CVE-2024-36947.html
* https://www.suse.com/security/cve/CVE-2024-36949.html
* https://www.suse.com/security/cve/CVE-2024-36950.html
* https://www.suse.com/security/cve/CVE-2024-36951.html
* https://www.suse.com/security/cve/CVE-2024-36955.html
* https://www.suse.com/security/cve/CVE-2024-36959.html
* https://bugzilla.suse.com/show_bug.cgi?id=1012628
* https://bugzilla.suse.com/show_bug.cgi?id=1065729
* https://bugzilla.suse.com/show_bug.cgi?id=1181674
* https://bugzilla.suse.com/show_bug.cgi?id=1187716
* https://bugzilla.suse.com/show_bug.cgi?id=1193599
* https://bugzilla.suse.com/show_bug.cgi?id=1194869
* https://bugzilla.suse.com/show_bug.cgi?id=1207948
* https://bugzilla.suse.com/show_bug.cgi?id=1208593
* https://bugzilla.suse.com/show_bug.cgi?id=1209657
* https://bugzilla.suse.com/show_bug.cgi?id=1213573
* https://bugzilla.suse.com/show_bug.cgi?id=1214852
* https://bugzilla.suse.com/show_bug.cgi?id=1215199
* https://bugzilla.suse.com/show_bug.cgi?id=1216196
* https://bugzilla.suse.com/show_bug.cgi?id=1216358
* https://bugzilla.suse.com/show_bug.cgi?id=1216702
* https://bugzilla.suse.com/show_bug.cgi?id=1217169
* https://bugzilla.suse.com/show_bug.cgi?id=1217384
* https://bugzilla.suse.com/show_bug.cgi?id=1217408
* https://bugzilla.suse.com/show_bug.cgi?id=1217489
* https://bugzilla.suse.com/show_bug.cgi?id=1217750
* https://bugzilla.suse.com/show_bug.cgi?id=1217959
* https://bugzilla.suse.com/show_bug.cgi?id=1218205
* https://bugzilla.suse.com/show_bug.cgi?id=1218336
* https://bugzilla.suse.com/show_bug.cgi?id=1218447
* https://bugzilla.suse.com/show_bug.cgi?id=1218779
* https://bugzilla.suse.com/show_bug.cgi?id=1218917
* https://bugzilla.suse.com/show_bug.cgi?id=1219104
* https://bugzilla.suse.com/show_bug.cgi?id=1219170
* https://bugzilla.suse.com/show_bug.cgi?id=1219596
* https://bugzilla.suse.com/show_bug.cgi?id=1219623
* https://bugzilla.suse.com/show_bug.cgi?id=1219834
* https://bugzilla.suse.com/show_bug.cgi?id=1220021
* https://bugzilla.suse.com/show_bug.cgi?id=1220045
* https://bugzilla.suse.com/show_bug.cgi?id=1220120
* https://bugzilla.suse.com/show_bug.cgi?id=1220148
* https://bugzilla.suse.com/show_bug.cgi?id=1220328
* https://bugzilla.suse.com/show_bug.cgi?id=1220342
* https://bugzilla.suse.com/show_bug.cgi?id=1220428
* https://bugzilla.suse.com/show_bug.cgi?id=1220430
* https://bugzilla.suse.com/show_bug.cgi?id=1220569
* https://bugzilla.suse.com/show_bug.cgi?id=1220587
* https://bugzilla.suse.com/show_bug.cgi?id=1220783
* https://bugzilla.suse.com/show_bug.cgi?id=1220915
* https://bugzilla.suse.com/show_bug.cgi?id=1221044
* https://bugzilla.suse.com/show_bug.cgi?id=1221293
* https://bugzilla.suse.com/show_bug.cgi?id=1221303
* https://bugzilla.suse.com/show_bug.cgi?id=1221504
* https://bugzilla.suse.com/show_bug.cgi?id=1221612
* https://bugzilla.suse.com/show_bug.cgi?id=1221615
* https://bugzilla.suse.com/show_bug.cgi?id=1221635
* https://bugzilla.suse.com/show_bug.cgi?id=1221645
* https://bugzilla.suse.com/show_bug.cgi?id=1221649
* https://bugzilla.suse.com/show_bug.cgi?id=1221765
* https://bugzilla.suse.com/show_bug.cgi?id=1221777
* https://bugzilla.suse.com/show_bug.cgi?id=1221783
* https://bugzilla.suse.com/show_bug.cgi?id=1221816
* https://bugzilla.suse.com/show_bug.cgi?id=1221829
* https://bugzilla.suse.com/show_bug.cgi?id=1221830
* https://bugzilla.suse.com/show_bug.cgi?id=1221858
* https://bugzilla.suse.com/show_bug.cgi?id=1222048
* https://bugzilla.suse.com/show_bug.cgi?id=1222173
* https://bugzilla.suse.com/show_bug.cgi?id=1222264
* https://bugzilla.suse.com/show_bug.cgi?id=1222273
* https://bugzilla.suse.com/show_bug.cgi?id=1222294
* https://bugzilla.suse.com/show_bug.cgi?id=1222301
* https://bugzilla.suse.com/show_bug.cgi?id=1222303
* https://bugzilla.suse.com/show_bug.cgi?id=1222304
* https://bugzilla.suse.com/show_bug.cgi?id=1222307
* https://bugzilla.suse.com/show_bug.cgi?id=1222357
* https://bugzilla.suse.com/show_bug.cgi?id=1222366
* https://bugzilla.suse.com/show_bug.cgi?id=1222368
* https://bugzilla.suse.com/show_bug.cgi?id=1222371
* https://bugzilla.suse.com/show_bug.cgi?id=1222378
* https://bugzilla.suse.com/show_bug.cgi?id=1222385
* https://bugzilla.suse.com/show_bug.cgi?id=1222422
* https://bugzilla.suse.com/show_bug.cgi?id=1222426
* https://bugzilla.suse.com/show_bug.cgi?id=1222428
* https://bugzilla.suse.com/show_bug.cgi?id=1222437
* https://bugzilla.suse.com/show_bug.cgi?id=1222445
* https://bugzilla.suse.com/show_bug.cgi?id=1222459
* https://bugzilla.suse.com/show_bug.cgi?id=1222464
* https://bugzilla.suse.com/show_bug.cgi?id=1222489
* https://bugzilla.suse.com/show_bug.cgi?id=1222522
* https://bugzilla.suse.com/show_bug.cgi?id=1222525
* https://bugzilla.suse.com/show_bug.cgi?id=1222532
* https://bugzilla.suse.com/show_bug.cgi?id=1222557
* https://bugzilla.suse.com/show_bug.cgi?id=1222559
* https://bugzilla.suse.com/show_bug.cgi?id=1222563
* https://bugzilla.suse.com/show_bug.cgi?id=1222585
* https://bugzilla.suse.com/show_bug.cgi?id=1222596
* https://bugzilla.suse.com/show_bug.cgi?id=1222606
* https://bugzilla.suse.com/show_bug.cgi?id=1222608
* https://bugzilla.suse.com/show_bug.cgi?id=1222613
* https://bugzilla.suse.com/show_bug.cgi?id=1222615
* https://bugzilla.suse.com/show_bug.cgi?id=1222618
* https://bugzilla.suse.com/show_bug.cgi?id=1222622
* https://bugzilla.suse.com/show_bug.cgi?id=1222624
* https://bugzilla.suse.com/show_bug.cgi?id=1222627
* https://bugzilla.suse.com/show_bug.cgi?id=1222630
* https://bugzilla.suse.com/show_bug.cgi?id=1222635
* https://bugzilla.suse.com/show_bug.cgi?id=1222721
* https://bugzilla.suse.com/show_bug.cgi?id=1222727
* https://bugzilla.suse.com/show_bug.cgi?id=1222769
* https://bugzilla.suse.com/show_bug.cgi?id=1222771
* https://bugzilla.suse.com/show_bug.cgi?id=1222775
* https://bugzilla.suse.com/show_bug.cgi?id=1222777
* https://bugzilla.suse.com/show_bug.cgi?id=1222780
* https://bugzilla.suse.com/show_bug.cgi?id=1222782
* https://bugzilla.suse.com/show_bug.cgi?id=1222793
* https://bugzilla.suse.com/show_bug.cgi?id=1222799
* https://bugzilla.suse.com/show_bug.cgi?id=1222801
* https://bugzilla.suse.com/show_bug.cgi?id=1222968
* https://bugzilla.suse.com/show_bug.cgi?id=1223007
* https://bugzilla.suse.com/show_bug.cgi?id=1223011
* https://bugzilla.suse.com/show_bug.cgi?id=1223015
* https://bugzilla.suse.com/show_bug.cgi?id=1223020
* https://bugzilla.suse.com/show_bug.cgi?id=1223023
* https://bugzilla.suse.com/show_bug.cgi?id=1223024
* https://bugzilla.suse.com/show_bug.cgi?id=1223033
* https://bugzilla.suse.com/show_bug.cgi?id=1223034
* https://bugzilla.suse.com/show_bug.cgi?id=1223035
* https://bugzilla.suse.com/show_bug.cgi?id=1223038
* https://bugzilla.suse.com/show_bug.cgi?id=1223039
* https://bugzilla.suse.com/show_bug.cgi?id=1223041
* https://bugzilla.suse.com/show_bug.cgi?id=1223045
* https://bugzilla.suse.com/show_bug.cgi?id=1223046
* https://bugzilla.suse.com/show_bug.cgi?id=1223051
* https://bugzilla.suse.com/show_bug.cgi?id=1223052
* https://bugzilla.suse.com/show_bug.cgi?id=1223058
* https://bugzilla.suse.com/show_bug.cgi?id=1223060
* https://bugzilla.suse.com/show_bug.cgi?id=1223061
* https://bugzilla.suse.com/show_bug.cgi?id=1223076
* https://bugzilla.suse.com/show_bug.cgi?id=1223077
* https://bugzilla.suse.com/show_bug.cgi?id=1223111
* https://bugzilla.suse.com/show_bug.cgi?id=1223113
* https://bugzilla.suse.com/show_bug.cgi?id=1223138
* https://bugzilla.suse.com/show_bug.cgi?id=1223143
* https://bugzilla.suse.com/show_bug.cgi?id=1223187
* https://bugzilla.suse.com/show_bug.cgi?id=1223189
* https://bugzilla.suse.com/show_bug.cgi?id=1223190
* https://bugzilla.suse.com/show_bug.cgi?id=1223191
* https://bugzilla.suse.com/show_bug.cgi?id=1223198
* https://bugzilla.suse.com/show_bug.cgi?id=1223202
* https://bugzilla.suse.com/show_bug.cgi?id=1223285
* https://bugzilla.suse.com/show_bug.cgi?id=1223315
* https://bugzilla.suse.com/show_bug.cgi?id=1223338
* https://bugzilla.suse.com/show_bug.cgi?id=1223369
* https://bugzilla.suse.com/show_bug.cgi?id=1223380
* https://bugzilla.suse.com/show_bug.cgi?id=1223384
* https://bugzilla.suse.com/show_bug.cgi?id=1223390
* https://bugzilla.suse.com/show_bug.cgi?id=1223439
* https://bugzilla.suse.com/show_bug.cgi?id=1223462
* https://bugzilla.suse.com/show_bug.cgi?id=1223532
* https://bugzilla.suse.com/show_bug.cgi?id=1223539
* https://bugzilla.suse.com/show_bug.cgi?id=1223575
* https://bugzilla.suse.com/show_bug.cgi?id=1223590
* https://bugzilla.suse.com/show_bug.cgi?id=1223591
* https://bugzilla.suse.com/show_bug.cgi?id=1223592
* https://bugzilla.suse.com/show_bug.cgi?id=1223593
* https://bugzilla.suse.com/show_bug.cgi?id=1223625
* https://bugzilla.suse.com/show_bug.cgi?id=1223629
* https://bugzilla.suse.com/show_bug.cgi?id=1223633
* https://bugzilla.suse.com/show_bug.cgi?id=1223634
* https://bugzilla.suse.com/show_bug.cgi?id=1223637
* https://bugzilla.suse.com/show_bug.cgi?id=1223641
* https://bugzilla.suse.com/show_bug.cgi?id=1223643
* https://bugzilla.suse.com/show_bug.cgi?id=1223649
* https://bugzilla.suse.com/show_bug.cgi?id=1223650
* https://bugzilla.suse.com/show_bug.cgi?id=1223651
* https://bugzilla.suse.com/show_bug.cgi?id=1223652
* https://bugzilla.suse.com/show_bug.cgi?id=1223653
* https://bugzilla.suse.com/show_bug.cgi?id=1223654
* https://bugzilla.suse.com/show_bug.cgi?id=1223655
* https://bugzilla.suse.com/show_bug.cgi?id=1223660
* https://bugzilla.suse.com/show_bug.cgi?id=1223661
* https://bugzilla.suse.com/show_bug.cgi?id=1223664
* https://bugzilla.suse.com/show_bug.cgi?id=1223665
* https://bugzilla.suse.com/show_bug.cgi?id=1223666
* https://bugzilla.suse.com/show_bug.cgi?id=1223668
* https://bugzilla.suse.com/show_bug.cgi?id=1223669
* https://bugzilla.suse.com/show_bug.cgi?id=1223670
* https://bugzilla.suse.com/show_bug.cgi?id=1223671
* https://bugzilla.suse.com/show_bug.cgi?id=1223675
* https://bugzilla.suse.com/show_bug.cgi?id=1223677
* https://bugzilla.suse.com/show_bug.cgi?id=1223678
* https://bugzilla.suse.com/show_bug.cgi?id=1223686
* https://bugzilla.suse.com/show_bug.cgi?id=1223692
* https://bugzilla.suse.com/show_bug.cgi?id=1223693
* https://bugzilla.suse.com/show_bug.cgi?id=1223695
* https://bugzilla.suse.com/show_bug.cgi?id=1223696
* https://bugzilla.suse.com/show_bug.cgi?id=1223698
* https://bugzilla.suse.com/show_bug.cgi?id=1223705
* https://bugzilla.suse.com/show_bug.cgi?id=1223712
* https://bugzilla.suse.com/show_bug.cgi?id=1223718
* https://bugzilla.suse.com/show_bug.cgi?id=1223728
* https://bugzilla.suse.com/show_bug.cgi?id=1223732
* https://bugzilla.suse.com/show_bug.cgi?id=1223735
* https://bugzilla.suse.com/show_bug.cgi?id=1223739
* https://bugzilla.suse.com/show_bug.cgi?id=1223741
* https://bugzilla.suse.com/show_bug.cgi?id=1223744
* https://bugzilla.suse.com/show_bug.cgi?id=1223745
* https://bugzilla.suse.com/show_bug.cgi?id=1223747
* https://bugzilla.suse.com/show_bug.cgi?id=1223748
* https://bugzilla.suse.com/show_bug.cgi?id=1223749
* https://bugzilla.suse.com/show_bug.cgi?id=1223750
* https://bugzilla.suse.com/show_bug.cgi?id=1223752
* https://bugzilla.suse.com/show_bug.cgi?id=1223754
* https://bugzilla.suse.com/show_bug.cgi?id=1223757
* https://bugzilla.suse.com/show_bug.cgi?id=1223759
* https://bugzilla.suse.com/show_bug.cgi?id=1223761
* https://bugzilla.suse.com/show_bug.cgi?id=1223762
* https://bugzilla.suse.com/show_bug.cgi?id=1223774
* https://bugzilla.suse.com/show_bug.cgi?id=1223782
* https://bugzilla.suse.com/show_bug.cgi?id=1223787
* https://bugzilla.suse.com/show_bug.cgi?id=1223788
* https://bugzilla.suse.com/show_bug.cgi?id=1223789
* https://bugzilla.suse.com/show_bug.cgi?id=1223790
* https://bugzilla.suse.com/show_bug.cgi?id=1223802
* https://bugzilla.suse.com/show_bug.cgi?id=1223805
* https://bugzilla.suse.com/show_bug.cgi?id=1223810
* https://bugzilla.suse.com/show_bug.cgi?id=1223822
* https://bugzilla.suse.com/show_bug.cgi?id=1223827
* https://bugzilla.suse.com/show_bug.cgi?id=1223831
* https://bugzilla.suse.com/show_bug.cgi?id=1223834
* https://bugzilla.suse.com/show_bug.cgi?id=1223838
* https://bugzilla.suse.com/show_bug.cgi?id=1223869
* https://bugzilla.suse.com/show_bug.cgi?id=1223870
* https://bugzilla.suse.com/show_bug.cgi?id=1223871
* https://bugzilla.suse.com/show_bug.cgi?id=1223872
* https://bugzilla.suse.com/show_bug.cgi?id=1223874
* https://bugzilla.suse.com/show_bug.cgi?id=1223944
* https://bugzilla.suse.com/show_bug.cgi?id=1223945
* https://bugzilla.suse.com/show_bug.cgi?id=1223946
* https://bugzilla.suse.com/show_bug.cgi?id=1223991
* https://bugzilla.suse.com/show_bug.cgi?id=1224076
* https://bugzilla.suse.com/show_bug.cgi?id=1224096
* https://bugzilla.suse.com/show_bug.cgi?id=1224098
* https://bugzilla.suse.com/show_bug.cgi?id=1224099
* https://bugzilla.suse.com/show_bug.cgi?id=1224137
* https://bugzilla.suse.com/show_bug.cgi?id=1224166
* https://bugzilla.suse.com/show_bug.cgi?id=1224174
* https://bugzilla.suse.com/show_bug.cgi?id=1224177
* https://bugzilla.suse.com/show_bug.cgi?id=1224180
* https://bugzilla.suse.com/show_bug.cgi?id=1224181
* https://bugzilla.suse.com/show_bug.cgi?id=1224331
* https://bugzilla.suse.com/show_bug.cgi?id=1224423
* https://bugzilla.suse.com/show_bug.cgi?id=1224429
* https://bugzilla.suse.com/show_bug.cgi?id=1224430
* https://bugzilla.suse.com/show_bug.cgi?id=1224432
* https://bugzilla.suse.com/show_bug.cgi?id=1224433
* https://bugzilla.suse.com/show_bug.cgi?id=1224437
* https://bugzilla.suse.com/show_bug.cgi?id=1224438
* https://bugzilla.suse.com/show_bug.cgi?id=1224442
* https://bugzilla.suse.com/show_bug.cgi?id=1224443
* https://bugzilla.suse.com/show_bug.cgi?id=1224445
* https://bugzilla.suse.com/show_bug.cgi?id=1224449
* https://bugzilla.suse.com/show_bug.cgi?id=1224477
* https://bugzilla.suse.com/show_bug.cgi?id=1224479
* https://bugzilla.suse.com/show_bug.cgi?id=1224480
* https://bugzilla.suse.com/show_bug.cgi?id=1224481
* https://bugzilla.suse.com/show_bug.cgi?id=1224482
* https://bugzilla.suse.com/show_bug.cgi?id=1224486
* https://bugzilla.suse.com/show_bug.cgi?id=1224487
* https://bugzilla.suse.com/show_bug.cgi?id=1224488
* https://bugzilla.suse.com/show_bug.cgi?id=1224491
* https://bugzilla.suse.com/show_bug.cgi?id=1224492
* https://bugzilla.suse.com/show_bug.cgi?id=1224493
* https://bugzilla.suse.com/show_bug.cgi?id=1224494
* https://bugzilla.suse.com/show_bug.cgi?id=1224495
* https://bugzilla.suse.com/show_bug.cgi?id=1224500
* https://bugzilla.suse.com/show_bug.cgi?id=1224501
* https://bugzilla.suse.com/show_bug.cgi?id=1224502
* https://bugzilla.suse.com/show_bug.cgi?id=1224504
* https://bugzilla.suse.com/show_bug.cgi?id=1224505
* https://bugzilla.suse.com/show_bug.cgi?id=1224506
* https://bugzilla.suse.com/show_bug.cgi?id=1224507
* https://bugzilla.suse.com/show_bug.cgi?id=1224508
* https://bugzilla.suse.com/show_bug.cgi?id=1224509
* https://bugzilla.suse.com/show_bug.cgi?id=1224511
* https://bugzilla.suse.com/show_bug.cgi?id=1224513
* https://bugzilla.suse.com/show_bug.cgi?id=1224517
* https://bugzilla.suse.com/show_bug.cgi?id=1224519
* https://bugzilla.suse.com/show_bug.cgi?id=1224521
* https://bugzilla.suse.com/show_bug.cgi?id=1224524
* https://bugzilla.suse.com/show_bug.cgi?id=1224525
* https://bugzilla.suse.com/show_bug.cgi?id=1224526
* https://bugzilla.suse.com/show_bug.cgi?id=1224530
* https://bugzilla.suse.com/show_bug.cgi?id=1224531
* https://bugzilla.suse.com/show_bug.cgi?id=1224534
* https://bugzilla.suse.com/show_bug.cgi?id=1224537
* https://bugzilla.suse.com/show_bug.cgi?id=1224541
* https://bugzilla.suse.com/show_bug.cgi?id=1224542
* https://bugzilla.suse.com/show_bug.cgi?id=1224543
* https://bugzilla.suse.com/show_bug.cgi?id=1224546
* https://bugzilla.suse.com/show_bug.cgi?id=1224550
* https://bugzilla.suse.com/show_bug.cgi?id=1224552
* https://bugzilla.suse.com/show_bug.cgi?id=1224553
* https://bugzilla.suse.com/show_bug.cgi?id=1224555
* https://bugzilla.suse.com/show_bug.cgi?id=1224557
* https://bugzilla.suse.com/show_bug.cgi?id=1224558
* https://bugzilla.suse.com/show_bug.cgi?id=1224559
* https://bugzilla.suse.com/show_bug.cgi?id=1224562
* https://bugzilla.suse.com/show_bug.cgi?id=1224565
* https://bugzilla.suse.com/show_bug.cgi?id=1224566
* https://bugzilla.suse.com/show_bug.cgi?id=1224567
* https://bugzilla.suse.com/show_bug.cgi?id=1224568
* https://bugzilla.suse.com/show_bug.cgi?id=1224569
* https://bugzilla.suse.com/show_bug.cgi?id=1224571
* https://bugzilla.suse.com/show_bug.cgi?id=1224573
* https://bugzilla.suse.com/show_bug.cgi?id=1224576
* https://bugzilla.suse.com/show_bug.cgi?id=1224577
* https://bugzilla.suse.com/show_bug.cgi?id=1224578
* https://bugzilla.suse.com/show_bug.cgi?id=1224579
* https://bugzilla.suse.com/show_bug.cgi?id=1224580
* https://bugzilla.suse.com/show_bug.cgi?id=1224581
* https://bugzilla.suse.com/show_bug.cgi?id=1224582
* https://bugzilla.suse.com/show_bug.cgi?id=1224585
* https://bugzilla.suse.com/show_bug.cgi?id=1224586
* https://bugzilla.suse.com/show_bug.cgi?id=1224587
* https://bugzilla.suse.com/show_bug.cgi?id=1224588
* https://bugzilla.suse.com/show_bug.cgi?id=1224592
* https://bugzilla.suse.com/show_bug.cgi?id=1224596
* https://bugzilla.suse.com/show_bug.cgi?id=1224598
* https://bugzilla.suse.com/show_bug.cgi?id=1224600
* https://bugzilla.suse.com/show_bug.cgi?id=1224601
* https://bugzilla.suse.com/show_bug.cgi?id=1224602
* https://bugzilla.suse.com/show_bug.cgi?id=1224603
* https://bugzilla.suse.com/show_bug.cgi?id=1224605
* https://bugzilla.suse.com/show_bug.cgi?id=1224607
* https://bugzilla.suse.com/show_bug.cgi?id=1224608
* https://bugzilla.suse.com/show_bug.cgi?id=1224609
* https://bugzilla.suse.com/show_bug.cgi?id=1224611
* https://bugzilla.suse.com/show_bug.cgi?id=1224613
* https://bugzilla.suse.com/show_bug.cgi?id=1224615
* https://bugzilla.suse.com/show_bug.cgi?id=1224617
* https://bugzilla.suse.com/show_bug.cgi?id=1224618
* https://bugzilla.suse.com/show_bug.cgi?id=1224620
* https://bugzilla.suse.com/show_bug.cgi?id=1224621
* https://bugzilla.suse.com/show_bug.cgi?id=1224622
* https://bugzilla.suse.com/show_bug.cgi?id=1224623
* https://bugzilla.suse.com/show_bug.cgi?id=1224624
* https://bugzilla.suse.com/show_bug.cgi?id=1224626
* https://bugzilla.suse.com/show_bug.cgi?id=1224627
* https://bugzilla.suse.com/show_bug.cgi?id=1224628
* https://bugzilla.suse.com/show_bug.cgi?id=1224629
* https://bugzilla.suse.com/show_bug.cgi?id=1224630
* https://bugzilla.suse.com/show_bug.cgi?id=1224632
* https://bugzilla.suse.com/show_bug.cgi?id=1224633
* https://bugzilla.suse.com/show_bug.cgi?id=1224634
* https://bugzilla.suse.com/show_bug.cgi?id=1224636
* https://bugzilla.suse.com/show_bug.cgi?id=1224637
* https://bugzilla.suse.com/show_bug.cgi?id=1224638
* https://bugzilla.suse.com/show_bug.cgi?id=1224639
* https://bugzilla.suse.com/show_bug.cgi?id=1224640
* https://bugzilla.suse.com/show_bug.cgi?id=1224643
* https://bugzilla.suse.com/show_bug.cgi?id=1224644
* https://bugzilla.suse.com/show_bug.cgi?id=1224645
* https://bugzilla.suse.com/show_bug.cgi?id=1224646
* https://bugzilla.suse.com/show_bug.cgi?id=1224647
* https://bugzilla.suse.com/show_bug.cgi?id=1224648
* https://bugzilla.suse.com/show_bug.cgi?id=1224649
* https://bugzilla.suse.com/show_bug.cgi?id=1224650
* https://bugzilla.suse.com/show_bug.cgi?id=1224651
* https://bugzilla.suse.com/show_bug.cgi?id=1224652
* https://bugzilla.suse.com/show_bug.cgi?id=1224653
* https://bugzilla.suse.com/show_bug.cgi?id=1224654
* https://bugzilla.suse.com/show_bug.cgi?id=1224657
* https://bugzilla.suse.com/show_bug.cgi?id=1224660
* https://bugzilla.suse.com/show_bug.cgi?id=1224663
* https://bugzilla.suse.com/show_bug.cgi?id=1224664
* https://bugzilla.suse.com/show_bug.cgi?id=1224665
* https://bugzilla.suse.com/show_bug.cgi?id=1224666
* https://bugzilla.suse.com/show_bug.cgi?id=1224667
* https://bugzilla.suse.com/show_bug.cgi?id=1224668
* https://bugzilla.suse.com/show_bug.cgi?id=1224671
* https://bugzilla.suse.com/show_bug.cgi?id=1224672
* https://bugzilla.suse.com/show_bug.cgi?id=1224674
* https://bugzilla.suse.com/show_bug.cgi?id=1224675
* https://bugzilla.suse.com/show_bug.cgi?id=1224676
* https://bugzilla.suse.com/show_bug.cgi?id=1224677
* https://bugzilla.suse.com/show_bug.cgi?id=1224678
* https://bugzilla.suse.com/show_bug.cgi?id=1224679
* https://bugzilla.suse.com/show_bug.cgi?id=1224680
* https://bugzilla.suse.com/show_bug.cgi?id=1224681
* https://bugzilla.suse.com/show_bug.cgi?id=1224682
* https://bugzilla.suse.com/show_bug.cgi?id=1224683
* https://bugzilla.suse.com/show_bug.cgi?id=1224685
* https://bugzilla.suse.com/show_bug.cgi?id=1224686
* https://bugzilla.suse.com/show_bug.cgi?id=1224687
* https://bugzilla.suse.com/show_bug.cgi?id=1224688
* https://bugzilla.suse.com/show_bug.cgi?id=1224692
* https://bugzilla.suse.com/show_bug.cgi?id=1224696
* https://bugzilla.suse.com/show_bug.cgi?id=1224697
* https://bugzilla.suse.com/show_bug.cgi?id=1224699
* https://bugzilla.suse.com/show_bug.cgi?id=1224701
* https://bugzilla.suse.com/show_bug.cgi?id=1224703
* https://bugzilla.suse.com/show_bug.cgi?id=1224704
* https://bugzilla.suse.com/show_bug.cgi?id=1224705
* https://bugzilla.suse.com/show_bug.cgi?id=1224706
* https://bugzilla.suse.com/show_bug.cgi?id=1224707
* https://bugzilla.suse.com/show_bug.cgi?id=1224709
* https://bugzilla.suse.com/show_bug.cgi?id=1224710
* https://bugzilla.suse.com/show_bug.cgi?id=1224712
* https://bugzilla.suse.com/show_bug.cgi?id=1224714
* https://bugzilla.suse.com/show_bug.cgi?id=1224716
* https://bugzilla.suse.com/show_bug.cgi?id=1224717
* https://bugzilla.suse.com/show_bug.cgi?id=1224718
* https://bugzilla.suse.com/show_bug.cgi?id=1224719
* https://bugzilla.suse.com/show_bug.cgi?id=1224720
* https://bugzilla.suse.com/show_bug.cgi?id=1224721
* https://bugzilla.suse.com/show_bug.cgi?id=1224722
* https://bugzilla.suse.com/show_bug.cgi?id=1224723
* https://bugzilla.suse.com/show_bug.cgi?id=1224725
* https://bugzilla.suse.com/show_bug.cgi?id=1224727
* https://bugzilla.suse.com/show_bug.cgi?id=1224728
* https://bugzilla.suse.com/show_bug.cgi?id=1224729
* https://bugzilla.suse.com/show_bug.cgi?id=1224730
* https://bugzilla.suse.com/show_bug.cgi?id=1224731
* https://bugzilla.suse.com/show_bug.cgi?id=1224732
* https://bugzilla.suse.com/show_bug.cgi?id=1224733
* https://bugzilla.suse.com/show_bug.cgi?id=1224736
* https://bugzilla.suse.com/show_bug.cgi?id=1224738
* https://bugzilla.suse.com/show_bug.cgi?id=1224739
* https://bugzilla.suse.com/show_bug.cgi?id=1224740
* https://bugzilla.suse.com/show_bug.cgi?id=1224741
* https://bugzilla.suse.com/show_bug.cgi?id=1224742
* https://bugzilla.suse.com/show_bug.cgi?id=1224747
* https://bugzilla.suse.com/show_bug.cgi?id=1224749
* https://bugzilla.suse.com/show_bug.cgi?id=1224763
* https://bugzilla.suse.com/show_bug.cgi?id=1224764
* https://bugzilla.suse.com/show_bug.cgi?id=1224765
* https://bugzilla.suse.com/show_bug.cgi?id=1224766
* https://bugzilla.suse.com/show_bug.cgi?id=1224790
* https://bugzilla.suse.com/show_bug.cgi?id=1224792
* https://bugzilla.suse.com/show_bug.cgi?id=1224793
* https://bugzilla.suse.com/show_bug.cgi?id=1224803
* https://bugzilla.suse.com/show_bug.cgi?id=1224804
* https://bugzilla.suse.com/show_bug.cgi?id=1224866
* https://bugzilla.suse.com/show_bug.cgi?id=1224936
* https://bugzilla.suse.com/show_bug.cgi?id=1224989
* https://bugzilla.suse.com/show_bug.cgi?id=1225007
* https://bugzilla.suse.com/show_bug.cgi?id=1225053
* https://bugzilla.suse.com/show_bug.cgi?id=1225133
* https://bugzilla.suse.com/show_bug.cgi?id=1225134
* https://bugzilla.suse.com/show_bug.cgi?id=1225136
* https://bugzilla.suse.com/show_bug.cgi?id=1225172
* https://bugzilla.suse.com/show_bug.cgi?id=1225502
* https://bugzilla.suse.com/show_bug.cgi?id=1225578
* https://bugzilla.suse.com/show_bug.cgi?id=1225579
* https://bugzilla.suse.com/show_bug.cgi?id=1225580
* https://bugzilla.suse.com/show_bug.cgi?id=1225593
* https://bugzilla.suse.com/show_bug.cgi?id=1225605
* https://bugzilla.suse.com/show_bug.cgi?id=1225607
* https://bugzilla.suse.com/show_bug.cgi?id=1225610
* https://bugzilla.suse.com/show_bug.cgi?id=1225616
* https://bugzilla.suse.com/show_bug.cgi?id=1225618
* https://bugzilla.suse.com/show_bug.cgi?id=1225640
* https://bugzilla.suse.com/show_bug.cgi?id=1225642
* https://bugzilla.suse.com/show_bug.cgi?id=1225692
* https://bugzilla.suse.com/show_bug.cgi?id=1225694
* https://bugzilla.suse.com/show_bug.cgi?id=1225695
* https://bugzilla.suse.com/show_bug.cgi?id=1225696
* https://bugzilla.suse.com/show_bug.cgi?id=1225698
* https://bugzilla.suse.com/show_bug.cgi?id=1225699
* https://bugzilla.suse.com/show_bug.cgi?id=1225704
* https://bugzilla.suse.com/show_bug.cgi?id=1225705
* https://bugzilla.suse.com/show_bug.cgi?id=1225708
* https://bugzilla.suse.com/show_bug.cgi?id=1225710
* https://bugzilla.suse.com/show_bug.cgi?id=1225712
* https://bugzilla.suse.com/show_bug.cgi?id=1225714
* https://bugzilla.suse.com/show_bug.cgi?id=1225715
* https://bugzilla.suse.com/show_bug.cgi?id=1225720
* https://bugzilla.suse.com/show_bug.cgi?id=1225722
* https://bugzilla.suse.com/show_bug.cgi?id=1225728
* https://bugzilla.suse.com/show_bug.cgi?id=1225734
* https://bugzilla.suse.com/show_bug.cgi?id=1225735
* https://bugzilla.suse.com/show_bug.cgi?id=1225736
* https://bugzilla.suse.com/show_bug.cgi?id=1225747
* https://bugzilla.suse.com/show_bug.cgi?id=1225748
* https://bugzilla.suse.com/show_bug.cgi?id=1225749
* https://bugzilla.suse.com/show_bug.cgi?id=1225750
* https://bugzilla.suse.com/show_bug.cgi?id=1225756
* https://bugzilla.suse.com/show_bug.cgi?id=1225765
* https://bugzilla.suse.com/show_bug.cgi?id=1225766
* https://bugzilla.suse.com/show_bug.cgi?id=1225769
* https://bugzilla.suse.com/show_bug.cgi?id=1225773
* https://bugzilla.suse.com/show_bug.cgi?id=1225775
* https://bugzilla.suse.com/show_bug.cgi?id=1225842
* https://bugzilla.suse.com/show_bug.cgi?id=1225945
* https://bugzilla.suse.com/show_bug.cgi?id=1226158
* https://jira.suse.com/browse/PED-8111
* https://jira.suse.com/browse/PED-8240



SUSE-SU-2024:2052-1: important: Security update for libaom


# Security update for libaom

Announcement ID: SUSE-SU-2024:2052-1
Rating: important
References:

* bsc#1226020

Cross-References:

* CVE-2024-5171

CVSS scores:

* CVE-2024-5171 ( SUSE ): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-5171 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* Basesystem Module 15-SP5
* openSUSE Leap 15.4
* openSUSE Leap 15.5
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3

An update that solves one vulnerability can now be installed.

## Description:

This update for libaom fixes the following issues:

* CVE-2024-5171: Fixed heap buffer overflow in img_alloc_helper() caused by
integer overflow (bsc#1226020).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-2052=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-2052=1

* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-2052=1

* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-2052=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP4
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-2052=1

* SUSE Manager Proxy 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-2052=1

* SUSE Manager Retail Branch Server 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-2024-2052=1

* SUSE Manager Server 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-2052=1

* openSUSE Leap 15.4
zypper in -t patch SUSE-2024-2052=1

* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2024-2052=1

* Basesystem Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-2052=1

## Package List:

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
x86_64)
* libaom-debugsource-3.2.0-150400.3.6.1
* libaom3-3.2.0-150400.3.6.1
* libaom3-debuginfo-3.2.0-150400.3.6.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
x86_64)
* libaom-debugsource-3.2.0-150400.3.6.1
* libaom3-3.2.0-150400.3.6.1
* libaom3-debuginfo-3.2.0-150400.3.6.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64)
* libaom-debugsource-3.2.0-150400.3.6.1
* libaom3-3.2.0-150400.3.6.1
* libaom3-debuginfo-3.2.0-150400.3.6.1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x
x86_64)
* libaom-debugsource-3.2.0-150400.3.6.1
* libaom3-3.2.0-150400.3.6.1
* libaom3-debuginfo-3.2.0-150400.3.6.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
* libaom-debugsource-3.2.0-150400.3.6.1
* libaom3-3.2.0-150400.3.6.1
* libaom3-debuginfo-3.2.0-150400.3.6.1
* SUSE Manager Proxy 4.3 (x86_64)
* libaom-debugsource-3.2.0-150400.3.6.1
* libaom3-3.2.0-150400.3.6.1
* libaom3-debuginfo-3.2.0-150400.3.6.1
* SUSE Manager Retail Branch Server 4.3 (x86_64)
* libaom-debugsource-3.2.0-150400.3.6.1
* libaom3-3.2.0-150400.3.6.1
* libaom3-debuginfo-3.2.0-150400.3.6.1
* SUSE Manager Server 4.3 (ppc64le s390x x86_64)
* libaom-debugsource-3.2.0-150400.3.6.1
* libaom3-3.2.0-150400.3.6.1
* libaom3-debuginfo-3.2.0-150400.3.6.1
* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
* aom-tools-debuginfo-3.2.0-150400.3.6.1
* aom-tools-3.2.0-150400.3.6.1
* libaom-debugsource-3.2.0-150400.3.6.1
* libaom3-debuginfo-3.2.0-150400.3.6.1
* libaom3-3.2.0-150400.3.6.1
* libaom-devel-3.2.0-150400.3.6.1
* openSUSE Leap 15.4 (noarch)
* libaom-devel-doc-3.2.0-150400.3.6.1
* openSUSE Leap 15.4 (x86_64)
* libaom3-32bit-debuginfo-3.2.0-150400.3.6.1
* libaom3-32bit-3.2.0-150400.3.6.1
* openSUSE Leap 15.4 (aarch64_ilp32)
* libaom3-64bit-3.2.0-150400.3.6.1
* libaom3-64bit-debuginfo-3.2.0-150400.3.6.1
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
* aom-tools-debuginfo-3.2.0-150400.3.6.1
* aom-tools-3.2.0-150400.3.6.1
* libaom-debugsource-3.2.0-150400.3.6.1
* libaom3-debuginfo-3.2.0-150400.3.6.1
* libaom3-3.2.0-150400.3.6.1
* libaom-devel-3.2.0-150400.3.6.1
* openSUSE Leap 15.5 (noarch)
* libaom-devel-doc-3.2.0-150400.3.6.1
* openSUSE Leap 15.5 (x86_64)
* libaom3-32bit-debuginfo-3.2.0-150400.3.6.1
* libaom3-32bit-3.2.0-150400.3.6.1
* Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64)
* libaom-debugsource-3.2.0-150400.3.6.1
* libaom3-3.2.0-150400.3.6.1
* libaom3-debuginfo-3.2.0-150400.3.6.1

## References:

* https://www.suse.com/security/cve/CVE-2024-5171.html
* https://bugzilla.suse.com/show_bug.cgi?id=1226020



SUSE-SU-2024:1079-2: important: Security update for netty, netty-tcnative


# Security update for netty, netty-tcnative

Announcement ID: SUSE-SU-2024:1079-2
Rating: important
References:

* bsc#1222045

Cross-References:

* CVE-2024-29025

CVSS scores:

* CVE-2024-29025 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* Development Tools Module 15-SP6
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Package Hub 15 15-SP6

An update that solves one vulnerability can now be installed.

## Description:

This update for netty, netty-tcnative fixes the following issues:

* CVE-2024-29025: Fixed out of memory due to large number of form fields
(bsc#1222045).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2024-1079=1

* Development Tools Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2024-1079=1

* SUSE Package Hub 15 15-SP6
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-1079=1

## Package List:

* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
* netty-4.1.108-150200.4.23.1
* netty-tcnative-2.0.65-150200.3.19.1
* openSUSE Leap 15.6 (noarch)
* netty-poms-4.1.108-150200.4.23.1
* netty-javadoc-4.1.108-150200.4.23.1
* netty-tcnative-javadoc-2.0.65-150200.3.19.1
* Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* netty-tcnative-2.0.65-150200.3.19.1
* SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64)
* netty-4.1.108-150200.4.23.1
* SUSE Package Hub 15 15-SP6 (noarch)
* netty-poms-4.1.108-150200.4.23.1
* netty-javadoc-4.1.108-150200.4.23.1

## References:

* https://www.suse.com/security/cve/CVE-2024-29025.html
* https://bugzilla.suse.com/show_bug.cgi?id=1222045



SUSE-SU-2024:1486-2: moderate: Security update for cosign


# Security update for cosign

Announcement ID: SUSE-SU-2024:1486-2
Rating: moderate
References:

* bsc#1222835
* bsc#1222837
* jsc#SLE-23879

Cross-References:

* CVE-2024-29902
* CVE-2024-29903

CVSS scores:

* CVE-2024-29902 ( SUSE ): 4.2 CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:H
* CVE-2024-29903 ( SUSE ): 4.2 CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:H

Affected Products:

* Basesystem Module 15-SP6
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves two vulnerabilities and contains one feature can now be
installed.

## Description:

This update for cosign fixes the following issues:

* CVE-2024-29902: Fixed denial of service on host machine via remote image
with a malicious attachments (bsc#1222835)
* CVE-2024-29903: Fixed denial of service on host machine via malicious
software artifacts (bsc#1222837)

Other fixes: \- Updated to 2.2.4 (jsc#SLE-23879) * Fixes for GHSA-88jx-383q-w4qc
and GHSA-95pr-fxf5-86gv (#3661) * ErrNoSignaturesFound should be used when there
is no signature attached to an image. (#3526) * fix semgrep issues for
dgryski.semgrep-go ruleset (#3541) * Honor creation timestamp for signatures
again (#3549) * Features * Adds Support for Fulcio Client Credentials Flow, and
Argument to Set Flow Explicitly (#3578)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2024-1486=1

* Basesystem Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-1486=1

## Package List:

* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
* cosign-debuginfo-2.2.4-150400.3.20.1
* cosign-2.2.4-150400.3.20.1
* Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* cosign-debuginfo-2.2.4-150400.3.20.1
* cosign-2.2.4-150400.3.20.1

## References:

* https://www.suse.com/security/cve/CVE-2024-29902.html
* https://www.suse.com/security/cve/CVE-2024-29903.html
* https://bugzilla.suse.com/show_bug.cgi?id=1222835
* https://bugzilla.suse.com/show_bug.cgi?id=1222837
* https://jira.suse.com/browse/SLE-23879



SUSE-SU-2024:2187-1: moderate: Security update for ntfs-3g_ntfsprogs


# Security update for ntfs-3g_ntfsprogs

Announcement ID: SUSE-SU-2024:2187-1
Rating: moderate
References:

* bsc#1226007

Cross-References:

* CVE-2023-52890

CVSS scores:

* CVE-2023-52890 ( SUSE ): 4.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L

Affected Products:

* Basesystem Module 15-SP6
* Development Tools Module 15-SP6
* openSUSE Leap 15.5
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Linux Enterprise Workstation Extension 15 SP5

An update that solves one vulnerability can now be installed.

## Description:

This update for ntfs-3g_ntfsprogs fixes the following issue:

* CVE-2023-52890: fix a use after free in ntfs_uppercase_mbs (bsc#1226007)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2024-2187=1

* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2024-2187=1

* Basesystem Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-2187=1

* Development Tools Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2024-2187=1

* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-2187=1

* SUSE Linux Enterprise Workstation Extension 15 SP5
zypper in -t patch SUSE-SLE-Product-WE-15-SP5-2024-2187=1

## Package List:

* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
* libntfs-3g87-debuginfo-2022.5.17-150000.3.21.1
* ntfs-3g-2022.5.17-150000.3.21.1
* ntfsprogs-2022.5.17-150000.3.21.1
* ntfsprogs-extra-2022.5.17-150000.3.21.1
* ntfs-3g_ntfsprogs-debuginfo-2022.5.17-150000.3.21.1
* ntfs-3g-debuginfo-2022.5.17-150000.3.21.1
* libntfs-3g-devel-2022.5.17-150000.3.21.1
* libntfs-3g87-2022.5.17-150000.3.21.1
* ntfsprogs-extra-debuginfo-2022.5.17-150000.3.21.1
* ntfs-3g_ntfsprogs-debugsource-2022.5.17-150000.3.21.1
* ntfsprogs-debuginfo-2022.5.17-150000.3.21.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
* libntfs-3g87-debuginfo-2022.5.17-150000.3.21.1
* ntfs-3g-2022.5.17-150000.3.21.1
* ntfsprogs-2022.5.17-150000.3.21.1
* ntfsprogs-extra-2022.5.17-150000.3.21.1
* ntfs-3g_ntfsprogs-debuginfo-2022.5.17-150000.3.21.1
* ntfs-3g-debuginfo-2022.5.17-150000.3.21.1
* libntfs-3g-devel-2022.5.17-150000.3.21.1
* libntfs-3g87-2022.5.17-150000.3.21.1
* ntfsprogs-extra-debuginfo-2022.5.17-150000.3.21.1
* ntfs-3g_ntfsprogs-debugsource-2022.5.17-150000.3.21.1
* ntfsprogs-debuginfo-2022.5.17-150000.3.21.1
* Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* libntfs-3g87-debuginfo-2022.5.17-150000.3.21.1
* ntfs-3g-2022.5.17-150000.3.21.1
* ntfsprogs-2022.5.17-150000.3.21.1
* ntfs-3g_ntfsprogs-debuginfo-2022.5.17-150000.3.21.1
* ntfs-3g-debuginfo-2022.5.17-150000.3.21.1
* libntfs-3g87-2022.5.17-150000.3.21.1
* ntfs-3g_ntfsprogs-debugsource-2022.5.17-150000.3.21.1
* ntfsprogs-debuginfo-2022.5.17-150000.3.21.1
* Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* libntfs-3g-devel-2022.5.17-150000.3.21.1
* ntfs-3g_ntfsprogs-debugsource-2022.5.17-150000.3.21.1
* ntfs-3g_ntfsprogs-debuginfo-2022.5.17-150000.3.21.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64)
* libntfs-3g87-debuginfo-2022.5.17-150000.3.21.1
* ntfs-3g-2022.5.17-150000.3.21.1
* ntfsprogs-2022.5.17-150000.3.21.1
* ntfs-3g_ntfsprogs-debuginfo-2022.5.17-150000.3.21.1
* ntfs-3g-debuginfo-2022.5.17-150000.3.21.1
* libntfs-3g-devel-2022.5.17-150000.3.21.1
* libntfs-3g87-2022.5.17-150000.3.21.1
* ntfs-3g_ntfsprogs-debugsource-2022.5.17-150000.3.21.1
* ntfsprogs-debuginfo-2022.5.17-150000.3.21.1
* SUSE Linux Enterprise Workstation Extension 15 SP5 (x86_64)
* libntfs-3g87-debuginfo-2022.5.17-150000.3.21.1
* ntfs-3g-2022.5.17-150000.3.21.1
* ntfsprogs-2022.5.17-150000.3.21.1
* ntfs-3g_ntfsprogs-debuginfo-2022.5.17-150000.3.21.1
* ntfs-3g-debuginfo-2022.5.17-150000.3.21.1
* libntfs-3g-devel-2022.5.17-150000.3.21.1
* libntfs-3g87-2022.5.17-150000.3.21.1
* ntfs-3g_ntfsprogs-debugsource-2022.5.17-150000.3.21.1
* ntfsprogs-debuginfo-2022.5.17-150000.3.21.1

## References:

* https://www.suse.com/security/cve/CVE-2023-52890.html
* https://bugzilla.suse.com/show_bug.cgi?id=1226007



SUSE-SU-2024:2947-1: important: Security update for the Linux Kernel


# Security update for the Linux Kernel

Announcement ID: SUSE-SU-2024:2947-1
Rating: important
References:

* bsc#1082555
* bsc#1193454
* bsc#1193554
* bsc#1193787
* bsc#1194324
* bsc#1194869
* bsc#1195357
* bsc#1195668
* bsc#1195927
* bsc#1195957
* bsc#1196018
* bsc#1196823
* bsc#1197146
* bsc#1197246
* bsc#1197762
* bsc#1202346
* bsc#1202686
* bsc#1208783
* bsc#1209636
* bsc#1213123
* bsc#1215492
* bsc#1215587
* bsc#1216834
* bsc#1219832
* bsc#1220138
* bsc#1220185
* bsc#1220186
* bsc#1220187
* bsc#1220869
* bsc#1220876
* bsc#1220942
* bsc#1220952
* bsc#1221010
* bsc#1221044
* bsc#1221647
* bsc#1221654
* bsc#1221656
* bsc#1221659
* bsc#1221777
* bsc#1222011
* bsc#1222323
* bsc#1222326
* bsc#1222328
* bsc#1222625
* bsc#1222702
* bsc#1222728
* bsc#1222799
* bsc#1222809
* bsc#1222810
* bsc#1223021
* bsc#1223180
* bsc#1223635
* bsc#1223652
* bsc#1223675
* bsc#1223778
* bsc#1223806
* bsc#1223813
* bsc#1223815
* bsc#1223836
* bsc#1223863
* bsc#1224414
* bsc#1224499
* bsc#1224500
* bsc#1224512
* bsc#1224516
* bsc#1224517
* bsc#1224545
* bsc#1224548
* bsc#1224557
* bsc#1224572
* bsc#1224573
* bsc#1224585
* bsc#1224604
* bsc#1224636
* bsc#1224641
* bsc#1224683
* bsc#1224694
* bsc#1224700
* bsc#1224743
* bsc#1225088
* bsc#1225272
* bsc#1225301
* bsc#1225475
* bsc#1225489
* bsc#1225504
* bsc#1225505
* bsc#1225564
* bsc#1225573
* bsc#1225581
* bsc#1225586
* bsc#1225711
* bsc#1225717
* bsc#1225719
* bsc#1225744
* bsc#1225745
* bsc#1225746
* bsc#1225752
* bsc#1225753
* bsc#1225757
* bsc#1225767
* bsc#1225810
* bsc#1225815
* bsc#1225820
* bsc#1225829
* bsc#1225835
* bsc#1225838
* bsc#1225839
* bsc#1225843
* bsc#1225847
* bsc#1225851
* bsc#1225856
* bsc#1225895
* bsc#1225898
* bsc#1225903
* bsc#1226202
* bsc#1226502
* bsc#1226519
* bsc#1226551
* bsc#1226555
* bsc#1226565
* bsc#1226568
* bsc#1226570
* bsc#1226571
* bsc#1226574
* bsc#1226588
* bsc#1226607
* bsc#1226650
* bsc#1226698
* bsc#1226713
* bsc#1226716
* bsc#1226750
* bsc#1226757
* bsc#1226758
* bsc#1226775
* bsc#1226783
* bsc#1226785
* bsc#1226834
* bsc#1226837
* bsc#1226911
* bsc#1226990
* bsc#1226993
* bsc#1227090
* bsc#1227121
* bsc#1227157
* bsc#1227162
* bsc#1227362
* bsc#1227383
* bsc#1227432
* bsc#1227435
* bsc#1227447
* bsc#1227487
* bsc#1227549
* bsc#1227573
* bsc#1227618
* bsc#1227620
* bsc#1227626
* bsc#1227635
* bsc#1227661
* bsc#1227716
* bsc#1227722
* bsc#1227724
* bsc#1227725
* bsc#1227728
* bsc#1227729
* bsc#1227730
* bsc#1227732
* bsc#1227733
* bsc#1227750
* bsc#1227754
* bsc#1227755
* bsc#1227760
* bsc#1227762
* bsc#1227763
* bsc#1227764
* bsc#1227766
* bsc#1227770
* bsc#1227771
* bsc#1227772
* bsc#1227774
* bsc#1227779
* bsc#1227780
* bsc#1227783
* bsc#1227786
* bsc#1227787
* bsc#1227790
* bsc#1227792
* bsc#1227796
* bsc#1227797
* bsc#1227798
* bsc#1227800
* bsc#1227802
* bsc#1227806
* bsc#1227808
* bsc#1227810
* bsc#1227812
* bsc#1227813
* bsc#1227814
* bsc#1227816
* bsc#1227820
* bsc#1227823
* bsc#1227824
* bsc#1227828
* bsc#1227829
* bsc#1227836
* bsc#1227846
* bsc#1227849
* bsc#1227851
* bsc#1227862
* bsc#1227864
* bsc#1227865
* bsc#1227866
* bsc#1227870
* bsc#1227884
* bsc#1227886
* bsc#1227891
* bsc#1227893
* bsc#1227899
* bsc#1227900
* bsc#1227910
* bsc#1227913
* bsc#1227917
* bsc#1227919
* bsc#1227920
* bsc#1227921
* bsc#1227922
* bsc#1227923
* bsc#1227924
* bsc#1227925
* bsc#1227927
* bsc#1227928
* bsc#1227931
* bsc#1227932
* bsc#1227933
* bsc#1227935
* bsc#1227936
* bsc#1227938
* bsc#1227941
* bsc#1227942
* bsc#1227944
* bsc#1227945
* bsc#1227947
* bsc#1227948
* bsc#1227949
* bsc#1227950
* bsc#1227952
* bsc#1227953
* bsc#1227954
* bsc#1227956
* bsc#1227957
* bsc#1227963
* bsc#1227964
* bsc#1227965
* bsc#1227968
* bsc#1227969
* bsc#1227970
* bsc#1227971
* bsc#1227972
* bsc#1227975
* bsc#1227976
* bsc#1227981
* bsc#1227982
* bsc#1227985
* bsc#1227986
* bsc#1227987
* bsc#1227988
* bsc#1227989
* bsc#1227990
* bsc#1227991
* bsc#1227992
* bsc#1227993
* bsc#1227995
* bsc#1227996
* bsc#1227997
* bsc#1228000
* bsc#1228002
* bsc#1228003
* bsc#1228004
* bsc#1228005
* bsc#1228006
* bsc#1228007
* bsc#1228008
* bsc#1228009
* bsc#1228010
* bsc#1228011
* bsc#1228013
* bsc#1228014
* bsc#1228015
* bsc#1228019
* bsc#1228020
* bsc#1228025
* bsc#1228028
* bsc#1228035
* bsc#1228037
* bsc#1228038
* bsc#1228039
* bsc#1228040
* bsc#1228045
* bsc#1228054
* bsc#1228055
* bsc#1228056
* bsc#1228060
* bsc#1228061
* bsc#1228062
* bsc#1228063
* bsc#1228064
* bsc#1228066
* bsc#1228067
* bsc#1228068
* bsc#1228071
* bsc#1228079
* bsc#1228090
* bsc#1228114
* bsc#1228140
* bsc#1228190
* bsc#1228191
* bsc#1228195
* bsc#1228202
* bsc#1228226
* bsc#1228235
* bsc#1228237
* bsc#1228247
* bsc#1228327
* bsc#1228328
* bsc#1228330
* bsc#1228403
* bsc#1228405
* bsc#1228408
* bsc#1228409
* bsc#1228410
* bsc#1228418
* bsc#1228440
* bsc#1228459
* bsc#1228462
* bsc#1228470
* bsc#1228518
* bsc#1228520
* bsc#1228530
* bsc#1228561
* bsc#1228565
* bsc#1228580
* bsc#1228581
* bsc#1228591
* bsc#1228599
* bsc#1228617
* bsc#1228625
* bsc#1228626
* bsc#1228633
* bsc#1228640
* bsc#1228644
* bsc#1228649
* bsc#1228655
* bsc#1228665
* bsc#1228672
* bsc#1228680
* bsc#1228705
* bsc#1228723
* bsc#1228743
* bsc#1228756
* bsc#1228801
* bsc#1228850
* bsc#1228857
* jsc#PED-8582
* jsc#PED-8690

Cross-References:

* CVE-2021-47086
* CVE-2021-47103
* CVE-2021-47186
* CVE-2021-47402
* CVE-2021-47546
* CVE-2021-47547
* CVE-2021-47588
* CVE-2021-47590
* CVE-2021-47591
* CVE-2021-47593
* CVE-2021-47598
* CVE-2021-47599
* CVE-2021-47606
* CVE-2021-47622
* CVE-2021-47623
* CVE-2021-47624
* CVE-2022-48713
* CVE-2022-48730
* CVE-2022-48732
* CVE-2022-48749
* CVE-2022-48756
* CVE-2022-48773
* CVE-2022-48774
* CVE-2022-48775
* CVE-2022-48776
* CVE-2022-48777
* CVE-2022-48778
* CVE-2022-48780
* CVE-2022-48783
* CVE-2022-48784
* CVE-2022-48785
* CVE-2022-48786
* CVE-2022-48787
* CVE-2022-48788
* CVE-2022-48789
* CVE-2022-48790
* CVE-2022-48791
* CVE-2022-48792
* CVE-2022-48793
* CVE-2022-48794
* CVE-2022-48796
* CVE-2022-48797
* CVE-2022-48798
* CVE-2022-48799
* CVE-2022-48800
* CVE-2022-48801
* CVE-2022-48802
* CVE-2022-48803
* CVE-2022-48804
* CVE-2022-48805
* CVE-2022-48806
* CVE-2022-48807
* CVE-2022-48809
* CVE-2022-48810
* CVE-2022-48811
* CVE-2022-48812
* CVE-2022-48813
* CVE-2022-48814
* CVE-2022-48815
* CVE-2022-48816
* CVE-2022-48817
* CVE-2022-48818
* CVE-2022-48820
* CVE-2022-48821
* CVE-2022-48822
* CVE-2022-48823
* CVE-2022-48824
* CVE-2022-48825
* CVE-2022-48826
* CVE-2022-48827
* CVE-2022-48828
* CVE-2022-48829
* CVE-2022-48830
* CVE-2022-48831
* CVE-2022-48834
* CVE-2022-48835
* CVE-2022-48836
* CVE-2022-48837
* CVE-2022-48838
* CVE-2022-48839
* CVE-2022-48840
* CVE-2022-48841
* CVE-2022-48842
* CVE-2022-48843
* CVE-2022-48844
* CVE-2022-48846
* CVE-2022-48847
* CVE-2022-48849
* CVE-2022-48850
* CVE-2022-48851
* CVE-2022-48852
* CVE-2022-48853
* CVE-2022-48855
* CVE-2022-48856
* CVE-2022-48857
* CVE-2022-48858
* CVE-2022-48859
* CVE-2022-48860
* CVE-2022-48861
* CVE-2022-48862
* CVE-2022-48863
* CVE-2022-48864
* CVE-2022-48866
* CVE-2023-1582
* CVE-2023-37453
* CVE-2023-52435
* CVE-2023-52573
* CVE-2023-52580
* CVE-2023-52591
* CVE-2023-52735
* CVE-2023-52751
* CVE-2023-52762
* CVE-2023-52775
* CVE-2023-52812
* CVE-2023-52857
* CVE-2023-52863
* CVE-2023-52885
* CVE-2023-52886
* CVE-2024-25741
* CVE-2024-26583
* CVE-2024-26584
* CVE-2024-26585
* CVE-2024-26615
* CVE-2024-26633
* CVE-2024-26635
* CVE-2024-26636
* CVE-2024-26641
* CVE-2024-26661
* CVE-2024-26663
* CVE-2024-26665
* CVE-2024-26800
* CVE-2024-26802
* CVE-2024-26813
* CVE-2024-26814
* CVE-2024-26863
* CVE-2024-26889
* CVE-2024-26920
* CVE-2024-26935
* CVE-2024-269355
* CVE-2024-26961
* CVE-2024-26976
* CVE-2024-27015
* CVE-2024-27019
* CVE-2024-27020
* CVE-2024-27025
* CVE-2024-27065
* CVE-2024-27402
* CVE-2024-27437
* CVE-2024-35805
* CVE-2024-35819
* CVE-2024-35837
* CVE-2024-35853
* CVE-2024-35854
* CVE-2024-35855
* CVE-2024-35889
* CVE-2024-35890
* CVE-2024-35893
* CVE-2024-35899
* CVE-2024-35934
* CVE-2024-35949
* CVE-2024-35961
* CVE-2024-35979
* CVE-2024-35995
* CVE-2024-36000
* CVE-2024-36004
* CVE-2024-36288
* CVE-2024-36889
* CVE-2024-36901
* CVE-2024-36902
* CVE-2024-36909
* CVE-2024-36910
* CVE-2024-36911
* CVE-2024-36912
* CVE-2024-36913
* CVE-2024-36914
* CVE-2024-36919
* CVE-2024-36923
* CVE-2024-36924
* CVE-2024-36926
* CVE-2024-36939
* CVE-2024-36941
* CVE-2024-36942
* CVE-2024-36944
* CVE-2024-36946
* CVE-2024-36947
* CVE-2024-36950
* CVE-2024-36952
* CVE-2024-36955
* CVE-2024-36959
* CVE-2024-36974
* CVE-2024-38548
* CVE-2024-38555
* CVE-2024-38558
* CVE-2024-38559
* CVE-2024-38570
* CVE-2024-38586
* CVE-2024-38588
* CVE-2024-38598
* CVE-2024-38628
* CVE-2024-39276
* CVE-2024-39371
* CVE-2024-39463
* CVE-2024-39472
* CVE-2024-39475
* CVE-2024-39482
* CVE-2024-39487
* CVE-2024-39488
* CVE-2024-39490
* CVE-2024-39493
* CVE-2024-39494
* CVE-2024-39497
* CVE-2024-39499
* CVE-2024-39500
* CVE-2024-39501
* CVE-2024-39502
* CVE-2024-39505
* CVE-2024-39506
* CVE-2024-39507
* CVE-2024-39508
* CVE-2024-39509
* CVE-2024-40900
* CVE-2024-40901
* CVE-2024-40902
* CVE-2024-40903
* CVE-2024-40904
* CVE-2024-40906
* CVE-2024-40908
* CVE-2024-40909
* CVE-2024-40911
* CVE-2024-40912
* CVE-2024-40916
* CVE-2024-40919
* CVE-2024-40923
* CVE-2024-40924
* CVE-2024-40927
* CVE-2024-40929
* CVE-2024-40931
* CVE-2024-40932
* CVE-2024-40934
* CVE-2024-40935
* CVE-2024-40937
* CVE-2024-40940
* CVE-2024-40941
* CVE-2024-40942
* CVE-2024-40943
* CVE-2024-40945
* CVE-2024-40953
* CVE-2024-40954
* CVE-2024-40956
* CVE-2024-40958
* CVE-2024-40959
* CVE-2024-40960
* CVE-2024-40961
* CVE-2024-40966
* CVE-2024-40967
* CVE-2024-40970
* CVE-2024-40972
* CVE-2024-40976
* CVE-2024-40977
* CVE-2024-40981
* CVE-2024-40982
* CVE-2024-40984
* CVE-2024-40987
* CVE-2024-40988
* CVE-2024-40989
* CVE-2024-40990
* CVE-2024-40994
* CVE-2024-40998
* CVE-2024-40999
* CVE-2024-41002
* CVE-2024-41004
* CVE-2024-41006
* CVE-2024-41009
* CVE-2024-41011
* CVE-2024-41012
* CVE-2024-41013
* CVE-2024-41014
* CVE-2024-41015
* CVE-2024-41016
* CVE-2024-41017
* CVE-2024-41040
* CVE-2024-41041
* CVE-2024-41044
* CVE-2024-41048
* CVE-2024-41057
* CVE-2024-41058
* CVE-2024-41059
* CVE-2024-41063
* CVE-2024-41064
* CVE-2024-41066
* CVE-2024-41069
* CVE-2024-41070
* CVE-2024-41071
* CVE-2024-41072
* CVE-2024-41076
* CVE-2024-41078
* CVE-2024-41081
* CVE-2024-41087
* CVE-2024-41090
* CVE-2024-41091
* CVE-2024-42070
* CVE-2024-42079
* CVE-2024-42093
* CVE-2024-42096
* CVE-2024-42105
* CVE-2024-42122
* CVE-2024-42124
* CVE-2024-42145
* CVE-2024-42161
* CVE-2024-42224
* CVE-2024-42230

CVSS scores:

* CVE-2021-47086 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47103 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47186 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47402 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2021-47546 ( SUSE ): 2.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L
* CVE-2021-47546 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47547 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
* CVE-2021-47588 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47590 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47591 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47593 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47598 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2021-47599 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47606 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47622 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47623 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N
* CVE-2021-47624 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2022-48713 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48730 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2022-48732 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48749 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48756 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48773 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48774 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
* CVE-2022-48775 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2022-48776 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2022-48777 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48778 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
* CVE-2022-48780 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48783 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48784 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48785 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48786 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
* CVE-2022-48787 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48787 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48788 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H
* CVE-2022-48788 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48789 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48789 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48790 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48790 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48791 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48791 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48792 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48792 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48793 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48793 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48794 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2022-48796 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48796 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48797 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
* CVE-2022-48798 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48799 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48800 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2022-48801 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48802 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48803 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
* CVE-2022-48804 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2022-48805 ( SUSE ): 6.6 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48806 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
* CVE-2022-48807 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48809 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48809 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48810 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48811 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48812 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48813 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48814 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48815 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48816 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48817 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48818 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48820 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48821 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48822 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48822 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48823 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2022-48824 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48824 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48825 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N
* CVE-2022-48826 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48827 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48828 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
* CVE-2022-48829 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
* CVE-2022-48830 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48831 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48834 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N
* CVE-2022-48834 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48835 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48835 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48836 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48836 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48837 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48837 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48838 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48838 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48839 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48839 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48840 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48840 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48841 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48841 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48842 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48842 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48843 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48843 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48844 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2022-48844 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48846 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48846 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48847 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48847 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48849 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48849 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
* CVE-2022-48850 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48850 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48851 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48851 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48852 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48852 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
* CVE-2022-48853 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48853 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2022-48855 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48855 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2022-48856 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48856 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48857 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48857 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48858 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48858 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48859 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48859 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48860 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48860 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48861 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48861 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48862 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48862 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48863 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L
* CVE-2022-48863 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48864 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48864 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48866 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2022-48866 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2023-1582 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-1582 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-37453 ( SUSE ): 4.6 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-37453 ( NVD ): 4.6 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52435 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52435 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52573 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52580 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52591 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2023-52735 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52751 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52762 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52775 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
* CVE-2023-52812 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
* CVE-2023-52857 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52863 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52885 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-52886 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-25741 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:L
* CVE-2024-26583 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26583 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26584 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26584 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26585 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26585 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26615 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26633 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26635 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
* CVE-2024-26636 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26641 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
* CVE-2024-26661 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26663 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26665 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26800 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26802 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26813 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26814 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26863 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26889 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26920 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26935 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2024-26961 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26976 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-27015 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-27015 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-27019 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-27019 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2024-27020 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-27020 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-27025 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
* CVE-2024-27065 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-27402 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H
* CVE-2024-27437 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35805 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35819 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35837 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35853 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35854 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35855 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35889 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35890 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35893 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35899 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35934 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2024-35949 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35961 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35979 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-35995 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
* CVE-2024-36000 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-36004 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-36288 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-36288 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-36889 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
* CVE-2024-36901 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-36901 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-36902 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-36902 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-36909 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2024-36910 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
* CVE-2024-36911 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2024-36912 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2024-36913 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2024-36914 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-36919 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-36923 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
* CVE-2024-36924 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-36926 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-36926 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-36939 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-36941 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-36942 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L
* CVE-2024-36944 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-36946 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
* CVE-2024-36947 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
* CVE-2024-36950 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-36952 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-36955 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2024-36959 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-36974 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-38548 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-38555 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-38558 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
* CVE-2024-38559 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-38570 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-38570 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-38586 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-38588 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-38598 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-38628 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-39276 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-39371 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-39463 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-39472 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L
* CVE-2024-39472 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-39475 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-39475 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-39482 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L
* CVE-2024-39482 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-39487 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
* CVE-2024-39488 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-39490 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2024-39493 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
* CVE-2024-39493 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-39494 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-39494 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-39497 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-39499 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2024-39500 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-39501 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-39502 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-39505 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
* CVE-2024-39506 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-39507 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-39508 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
* CVE-2024-39509 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-40900 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-40901 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L
* CVE-2024-40902 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2024-40902 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-40903 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-40903 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-40904 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-40906 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-40908 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-40909 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-40911 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-40912 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-40916 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-40919 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-40923 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-40924 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-40927 ( SUSE ): 6.6 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-40929 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-40931 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
* CVE-2024-40932 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L
* CVE-2024-40934 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L
* CVE-2024-40935 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-40937 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-40940 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-40941 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-40942 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-40943 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-40945 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-40953 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-40954 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-40956 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-40958 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-40959 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-40960 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-40961 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-40966 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-40967 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-40970 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-40972 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-40976 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-40977 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-40981 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2024-40982 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-40984 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-40987 ( SUSE ): 5.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H
* CVE-2024-40988 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-40989 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-40990 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-40994 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-40998 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-40999 ( SUSE ): 3.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L
* CVE-2024-41002 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L
* CVE-2024-41004 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:N
* CVE-2024-41006 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L
* CVE-2024-41009 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-41009 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-41011 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-41012 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2024-41013 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
* CVE-2024-41014 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-41015 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
* CVE-2024-41016 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
* CVE-2024-41017 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-41040 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-41041 ( SUSE ): 0.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
* CVE-2024-41044 ( SUSE ): 6.3 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L
* CVE-2024-41048 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-41057 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-41057 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-41058 ( SUSE ): 6.9
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2024-41058 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
* CVE-2024-41059 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-41059 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-41063 ( SUSE ): 5.7
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2024-41063 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-41064 ( SUSE ): 5.7
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2024-41064 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-41066 ( SUSE ): 5.8
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2024-41066 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H
* CVE-2024-41069 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-41069 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-41070 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-41071 ( SUSE ): 4.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
* CVE-2024-41072 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
* CVE-2024-41076 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2024-41078 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2024-41081 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-41087 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-41087 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-41090 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
* CVE-2024-41091 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
* CVE-2024-42070 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
* CVE-2024-42070 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-42079 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-42079 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-42093 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L
* CVE-2024-42096 ( SUSE ): 5.8
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2024-42096 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
* CVE-2024-42105 ( SUSE ): 6.9
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N
* CVE-2024-42105 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
* CVE-2024-42122 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-42124 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-42145 ( SUSE ): 8.7
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2024-42145 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-42161 ( SUSE ): 7.1
CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-42161 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-42161 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-42224 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-42224 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-42230 ( SUSE ): 6.7
CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2024-42230 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-42230 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* openSUSE Leap 15.5
* Public Cloud Module 15-SP5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP5

An update that solves 311 vulnerabilities, contains two features and has 50
security fixes can now be installed.

## Description:

The SUSE Linux Enterprise 15 SP5 Azure kernel was updated to receive various
security bugfixes.

The following security bugs were fixed:

* CVE-2021-47086: phonet/pep: refuse to enable an unbound pipe (bsc#1220952).
* CVE-2021-47103: net: sock: preserve kabi for sock (bsc#1221010).
* CVE-2021-47186: ipc: check for null after calling kmemdup (bsc#1222702).
* CVE-2021-47546: Kabi fix for ipv6: fix memory leak in fib6_rule_suppress
(bsc#1225504).
* CVE-2021-47547: net: tulip: de4x5: fix the problem that the array 'lp->phy'
may be out of bound (bsc#1225505).
* CVE-2021-47588: sit: do not call ipip6_dev_free() from sit_init_net()
(bsc#1226568).
* CVE-2021-47590: mptcp: fix deadlock in __mptcp_push_pending() (bsc#1226565).
* CVE-2021-47591: mptcp: remove tcp ulp setsockopt support (bsc#1226570).
* CVE-2021-47593: mptcp: clear 'kern' flag from fallback sockets
(bsc#1226551).
* CVE-2021-47598: sch_cake: do not call cake_destroy() from cake_init()
(bsc#1226574).
* CVE-2021-47599: btrfs: use latest_dev in btrfs_show_devname (bsc#1226571)
* CVE-2021-47606: net: netlink: af_netlink: Prevent empty skb by adding a
check on len (bsc#1226555).
* CVE-2021-47623: powerpc/fixmap: Fix VM debug warning on unmap (bsc#1227919).
* CVE-2022-48785: ipv6: mcast: use rcu-safe version of ipv6_get_lladdr()
(bsc#1227927)
* CVE-2022-48810: ipmr,ip6mr: acquire RTNL before calling ip[6]mr_free_table()
on failure path (bsc#1227936).
* CVE-2022-48850: net-sysfs: add check for netdevice being present to
speed_show (bsc#1228071)
* CVE-2022-48855: sctp: fix kernel-infoleak for SCTP sockets (bsc#1228003).
* CVE-2023-52435: net: prevent mss overflow in skb_segment() (bsc#1220138).
* CVE-2023-52573: net: rds: Fix possible NULL-pointer dereference
(bsc#1220869)
* CVE-2023-52580: net/core: Fix ETH_P_1588 flow dissector (bsc#1220876).
* CVE-2023-52751: smb: client: fix use-after-free in
smb2_query_info_compound() (bsc#1225489).
* CVE-2023-52775: net/smc: avoid data corruption caused by decline
(bsc#1225088).
* CVE-2023-52812: drm/amd: check num of link levels when update pcie param
(bsc#1225564).
* CVE-2023-52857: drm/mediatek: Fix coverity issue with unintentional integer
overflow (bsc#1225581).
* CVE-2023-52863: hwmon: (axi-fan-control) Fix possible NULL pointer
dereference (bsc#1225586).
* CVE-2024-26585: Fixed race between tx work scheduling and socket close
(bsc#1220187).
* CVE-2024-26615: net/smc: fix illegal rmb_desc access in SMC-D connection
dump (bsc#1220942).
* CVE-2024-26633: ip6_tunnel: fix NEXTHDR_FRAGMENT handling in
ip6_tnl_parse_tlv_enc_lim() (bsc#1221647).
* CVE-2024-26635: llc: Drop support for ETH_P_TR_802_2 (bsc#1221656).
* CVE-2024-26636: llc: make llc_ui_sendmsg() more robust against bonding
changes (bsc#1221659).
* CVE-2024-26641: ip6_tunnel: make sure to pull inner header in
__ip6_tnl_rcv() (bsc#1221654).
* CVE-2024-26661: drm/amd/display: Add NULL test for 'timing generator' in
(bsc#1222323)
* CVE-2024-26663: tipc: Check the bearer type before calling
tipc_udp_nl_bearer_add() (bsc#1222326).
* CVE-2024-26665: tunnels: fix out of bounds access when building IPv6 PMTU
error (bsc#1222328).
* CVE-2024-26802: stmmac: Clear variable when destroying workqueue
(bsc#1222799).
* CVE-2024-26863: hsr: Fix uninit-value access in hsr_get_node()
(bsc#1223021).
* CVE-2024-26961: mac802154: fix llsec key resources release in
mac802154_llsec_key_del (bsc#1223652).
* CVE-2024-27015: netfilter: flowtable: incorrect pppoe tuple (bsc#1223806).
* CVE-2024-27019: netfilter: nf_tables: Fix potential data-race in
__nft_obj_type_get() (bsc#1223813)
* CVE-2024-27020: netfilter: nf_tables: Fix potential data-race in
__nft_expr_type_get() (bsc#1223815)
* CVE-2024-27025: nbd: null check for nla_nest_start (bsc#1223778)
* CVE-2024-27065: netfilter: nf_tables: do not compare internal table flags on
updates (bsc#1223836).
* CVE-2024-27402: phonet/pep: fix racy skb_queue_empty() use (bsc#1224414).
* CVE-2024-27437: vfio/pci: Disable auto-enable of exclusive INTx IRQ
(bsc#1222625).
* CVE-2024-35805: dm snapshot: fix lockup in dm_exception_table_exit
(bsc#1224743).
* CVE-2024-35819: soc: fsl: qbman: Use raw spinlock for cgr_lock
(bsc#1224683).
* CVE-2024-35837: net: mvpp2: clear BM pool before initialization
(bsc#1224500).
* CVE-2024-35853: mlxsw: spectrum_acl_tcam: Fix memory leak during rehash
(bsc#1224604).
* CVE-2024-35889: idpf: fix kernel panic on unknown packet types
(bsc#1224517).
* CVE-2024-35890: gro: fix ownership transfer (bsc#1224516).
* CVE-2024-35893: net/sched: act_skbmod: prevent kernel-infoleak (bsc#1224512)
* CVE-2024-35899: netfilter: nf_tables: flush pending destroy work before
exit_net release (bsc#1224499)
* CVE-2024-35934: net/smc: reduce rtnl pressure in
smc_pnet_create_pnetids_list() (bsc#1224641)
* CVE-2024-35949: btrfs: make sure that WRITTEN is set on all metadata blocks
(bsc#1224700)
* CVE-2024-35961: net/mlx5: Restore mistakenly dropped parts in register
devlink flow (bsc#1224585).
* CVE-2024-35995: ACPI: CPPC: Fix access width used for PCC registers
(bsc#1224557).
* CVE-2024-36000: mm/hugetlb: fix missing hugetlb_lock for resv uncharge
(bsc#1224548).
* CVE-2024-36004: i40e: Do not use WQ_MEM_RECLAIM flag for workqueue
(bsc#1224545)
* CVE-2024-36901: ipv6: prevent NULL dereference in ip6_output() (bsc#1225711)
* CVE-2024-36902: ipv6: fib6_rules: avoid possible NULL dereference in
fib6_rule_action() (bsc#1225719).
* CVE-2024-36909: Drivers: hv: vmbus: Do not free ring buffers that couldn't
be re-encrypted (bsc#1225744).
* CVE-2024-36910: uio_hv_generic: Do not free decrypted memory (bsc#1225717).
* CVE-2024-36911: hv_netvsc: Do not free decrypted memory (bsc#1225745).
* CVE-2024-36912: Drivers: hv: vmbus: Track decrypted status in vmbus_gpadl
(bsc#1225752).
* CVE-2024-36913: Drivers: hv: vmbus: Leak pages if set_memory_encrypted()
fails (bsc#1225753).
* CVE-2024-36914: drm/amd/display: Skip on writeback when it's not applicable
(bsc#1225757).
* CVE-2024-36919: scsi: bnx2fc: Remove spin_lock_bh while releasing resources
after upload (bsc#1225767).
* CVE-2024-36923: fs/9p: fix uninitialized values during inode evict
(bsc#1225815).
* CVE-2024-36939: nfs: Handle error of rpc_proc_register() in nfs_net_init()
(bsc#1225838).
* CVE-2024-36946: phonet: fix rtm_phonet_notify() skb allocation
(bsc#1225851).
* CVE-2024-36974: net/sched: taprio: always validate TCA_TAPRIO_ATTR_PRIOMAP
(bsc#1226519).
* CVE-2024-38555: net/mlx5: Discard command completions in internal error
(bsc#1226607).
* CVE-2024-38558: net: openvswitch: fix overwriting ct original tuple for
ICMPv6 (bsc#1226783).
* CVE-2024-38570: gfs2: Fix potential glock use-after-free on unmount
(bsc#1226775).
* CVE-2024-38586: r8169: Fix possible ring buffer corruption on fragmented Tx
packets (bsc#1226750).
* CVE-2024-38598: md: fix resync softlockup when bitmap size is less than
array size (bsc#1226757).
* CVE-2024-38628: usb: gadget: u_audio: Fix race condition use of controls
after free during gadget unbind (bsc#1226911).
* CVE-2024-39276: ext4: fix mb_cache_entry's e_refcnt leak in
ext4_xattr_block_cache_find() (bsc#1226993).
* CVE-2024-39371: io_uring: check for non-NULL file pointer in
io_file_can_poll() (bsc#1226990).
* CVE-2024-39463: 9p: add missing locking around taking dentry fid list
(bsc#1227090).
* CVE-2024-39472: xfs: fix log recovery buffer allocation for the legacy
h_size fixup (bsc#1227432).
* CVE-2024-39482: bcache: fix variable length array abuse in btree_iter
(bsc#1227447).
* CVE-2024-39487: bonding: Fix out-of-bounds read in
bond_option_arp_ip_targets_set() (bsc#1227573)
* CVE-2024-39490: ipv6: sr: fix missing sk_buff release in seg6_input_core
(bsc#1227626).
* CVE-2024-39493: crypto: qat - Fix ADF_DEV_RESET_SYNC memory leak
(bsc#1227620).
* CVE-2024-39494: ima: Fix use-after-free on a dentry's dname.name
(bsc#1227716).
* CVE-2024-39497: drm/shmem-helper: Fix BUG_ON() on mmap(PROT_WRITE,
MAP_PRIVATE) (bsc#1227722)
* CVE-2024-39502: ionic: fix use after netif_napi_del() (bsc#1227755).
* CVE-2024-39506: liquidio: Adjust a NULL pointer handling path in
lio_vf_rep_copy_packet (bsc#1227729).
* CVE-2024-39507: net: hns3: fix kernel crash problem in concurrent scenario
(bsc#1227730).
* CVE-2024-39508: io_uring/io-wq: Use set_bit() and test_bit() at
worker->flags (bsc#1227732).
* CVE-2024-40901: scsi: mpt3sas: Avoid test/set_bit() operating in non-
allocated memory (bsc#1227762).
* CVE-2024-40906: net/mlx5: Always stop health timer during driver removal
(bsc#1227763).
* CVE-2024-40908: bpf: Set run context for rawtp test_run callback
(bsc#1227783).
* CVE-2024-40909: bpf: Fix a potential use-after-free in bpf_link_free()
(bsc#1227798).
* CVE-2024-40919: bnxt_en: Adjust logging of firmware messages in case of
released token in __hwrm_send() (bsc#1227779).
* CVE-2024-40923: vmxnet3: disable rx data ring on dma allocation failure
(bsc#1227786).
* CVE-2024-40931: mptcp: ensure snd_una is properly initialized on connect
(bsc#1227780).
* CVE-2024-40935: cachefiles: flush all requests after setting CACHEFILES_DEAD
(bsc#1227797).
* CVE-2024-40937: gve: Clear napi->skb before dev_kfree_skb_any()
(bsc#1227836).
* CVE-2024-40940: net/mlx5: Fix tainted pointer delete is case of flow rules
creation fail (bsc#1227800).
* CVE-2024-40943: ocfs2: fix races between hole punching and AIO+DIO
(bsc#1227849).
* CVE-2024-40953: KVM: Fix a data race on last_boosted_vcpu in
kvm_vcpu_on_spin() (bsc#1227806).
* CVE-2024-40954: net: do not leave a dangling sk pointer, when socket
creation fails (bsc#1227808)
* CVE-2024-40958: netns: Make get_net_ns() handle zero refcount net
(bsc#1227812).
* CVE-2024-40959: xfrm6: check ip6_dst_idev() return value in
xfrm6_get_saddr() (bsc#1227884).
* CVE-2024-40960: ipv6: prevent possible NULL dereference in rt6_probe()
(bsc#1227813).
* CVE-2024-40961: ipv6: prevent possible NULL deref in fib6_nh_init()
(bsc#1227814).
* CVE-2024-40966: kABI: tty: add the option to have a tty reject a new ldisc
(bsc#1227886).
* CVE-2024-40967: serial: imx: Introduce timeout when waiting on transmitter
empty (bsc#1227891).
* CVE-2024-40970: Avoid hw_desc array overrun in dw-axi-dmac (bsc#1227899).
* CVE-2024-40972: ext4: fold quota accounting into
ext4_xattr_inode_lookup_create() (bsc#1227910).
* CVE-2024-40977: wifi: mt76: mt7921s: fix potential hung tasks during chip
recovery (bsc#1227950).
* CVE-2024-40982: ssb: Fix potential NULL pointer dereference in
ssb_device_uevent() (bsc#1227865).
* CVE-2024-40989: KVM: arm64: Disassociate vcpus from redistributor region on
teardown (bsc#1227823).
* CVE-2024-40994: ptp: fix integer overflow in max_vclocks_store
(bsc#1227829).
* CVE-2024-40998: ext4: fix uninitialized ratelimit_state->lock access in
__ext4_fill_super() (bsc#1227866).
* CVE-2024-40999: net: ena: Add validation for completion descriptors
consistency (bsc#1227913).
* CVE-2024-41006: netrom: Fix a memory leak in nr_heartbeat_expiry()
(bsc#1227862).
* CVE-2024-41009: selftests/bpf: Add more ring buffer test coverage
(bsc#1228020).
* CVE-2024-41012: filelock: Remove locks reliably when fcntl/close race is
detected (bsc#1228247).
* CVE-2024-41013: xfs: do not walk off the end of a directory data block
(bsc#1228405).
* CVE-2024-41014: xfs: add bounds checking to xlog_recover_process_data
(bsc#1228408).
* CVE-2024-41015: ocfs2: add bounds checking to ocfs2_check_dir_entry()
(bsc#1228409).
* CVE-2024-41016: ocfs2: add bounds checking to ocfs2_xattr_find_entry()
(bsc#1228410).
* CVE-2024-41017: jfs: do not walk off the end of ealist (bsc#1228403).
* CVE-2024-41040: net/sched: Fix UAF when resolving a clash (bsc#1228518)
* CVE-2024-41041: udp: Set SOCK_RCU_FREE earlier in udp_lib_get_port()
(bsc#1228520)
* CVE-2024-41044: ppp: reject claimed-as-LCP but actually malformed packets
(bsc#1228530).
* CVE-2024-41048: skmsg: Skip zero length skb in sk_msg_recvmsg (bsc#1228565)
* CVE-2024-41057: cachefiles: fix slab-use-after-free in
cachefiles_withdraw_cookie() (bsc#1228462).
* CVE-2024-41058: cachefiles: fix slab-use-after-free in
fscache_withdraw_volume() (bsc#1228459).
* CVE-2024-41059: hfsplus: fix uninit-value in copy_name (bsc#1228561).
* CVE-2024-41063: Bluetooth: hci_core: cancel all works upon
hci_unregister_dev() (bsc#1228580)
* CVE-2024-41064: powerpc/eeh: avoid possible crash when edev->pdev changes
(bsc#1228599).
* CVE-2024-41066: ibmvnic: Add tx check to prevent skb leak (bsc#1228640).
* CVE-2024-41069: ASoC: topology: Fix route memory corruption (bsc#1228644).
* CVE-2024-41070: KVM: PPC: Book3S HV: Prevent UAF in
kvm_spapr_tce_attach_iommu_group() (bsc#1228581).
* CVE-2024-41071: wifi: mac80211: Avoid address calculations via out of bounds
array indexing (bsc#1228625).
* CVE-2024-41078: btrfs: qgroup: fix quota root leak after quota disable
failure (bsc#1228655).
* CVE-2024-41081: ila: block BH in ila_output() (bsc#1228617)
* CVE-2024-41090: tap: add missing verification for short frame (bsc#1228328).
* CVE-2024-41091: tun: add missing verification for short frame (bsc#1228327).
* CVE-2024-42070: netfilter: nf_tables: fully validate NFT_DATA_VALUE on store
to data registers (bsc#1228470)
* CVE-2024-42079: gfs2: Fix NULL pointer dereference in gfs2_log_flush
(bsc#1228672).
* CVE-2024-42093: net/dpaa2: Avoid explicit cpumask var allocation on stack
(bsc#1228680).
* CVE-2024-42096: x86: stop playing stack games in profile_pc() (bsc#1228633).
* CVE-2024-42122: drm/amd/display: Add NULL pointer check for kzalloc
(bsc#1228591)
* CVE-2024-42124: scsi: qedf: Make qedf_execute_tmf() non-preemptible
(bsc#1228705)
* CVE-2024-42145: IB/core: Implement a limit on UMAD receive List
(bsc#1228743)
* CVE-2024-42161: bpf: Avoid uninitialized value in BPF_CORE_READ_BITFIELD
(bsc#1228756).
* CVE-2024-42224: net: dsa: mv88e6xxx: Correct check for empty list
(bsc#1228723)
* CVE-2024-42230: powerpc/pseries: Fix scv instruction crash with kexec
(bsc#1194869).

The following non-security bugs were fixed:

* ACPI: EC: Abort address space access upon error (stable-fixes).
* ACPI: EC: Avoid returning AE_OK on errors in address space handler (stable-
fixes).
* ACPI: processor_idle: Fix invalid comparison with insertion sort for latency
(git-fixes).
* ACPI: video: Add backlight=native quirk for Lenovo Slim 7 16ARH7 (stable-
fixes).
* ACPI: x86: Force StorageD3Enable on more products (stable-fixes).
* ACPI: x86: utils: Add Picasso to the list for forcing StorageD3Enable
(stable-fixes).
* ALSA: dmaengine_pcm: terminate dmaengine before synchronize (stable-fixes).
* ALSA: dmaengine: Synchronize dma channel after drop() (stable-fixes).
* ALSA: emux: improve patch ioctl data validation (stable-fixes).
* ALSA: hda: conexant: Fix headset auto detect fail in the polling mode (git-
fixes).
* ALSA: hda/realtek: Add more codec ID to no shutup pins list (stable-fixes).
* ALSA: hda/realtek: add quirk for Clevo V5[46]0TU (stable-fixes).
* ALSA: hda/realtek: Enable headset mic of JP-IK LEAP W502 with ALC897
(stable-fixes).
* ALSA: hda/realtek: Enable headset mic on Positivo SU C1400 (stable-fixes).
* ALSA: hda/realtek: Enable Mute LED on HP 250 G7 (stable-fixes).
* ALSA: hda/realtek: fix mute/micmute LEDs do not work for EliteBook 645/665
G11 (stable-fixes).
* ALSA: hda/realtek: Fix the speaker output on Samsung Galaxy Book Pro 360
(stable-fixes).
* ALSA: hda/realtek: Limit mic boost on VAIO PRO PX (stable-fixes).
* ALSA: hda/relatek: Enable Mute LED on HP Laptop 15-gw0xxx (stable-fixes).
* ALSA: pcm_dmaengine: Do not synchronize DMA channel when DMA is paused (git-
fixes).
* ALSA: usb-audio: Add a quirk for Sonix HD USB Camera (stable-fixes).
* ALSA: usb-audio: Correct surround channels in UAC1 channel map (git-fixes).
* ALSA: usb-audio: Fix microphone sound on HD webcam (stable-fixes).
* ALSA: usb-audio: Move HD Webcam quirk to the right place (git-fixes).
* arm64: dts: allwinner: Pine H64: correctly remove reg_gmac_3v3 (git-fixes)
* arm64: dts: hi3798cv200: fix the size of GICR (git-fixes)
* arm64: dts: imx8qm-mek: fix gpio number for reg_usdhc2_vmmc (git-fixes)
* arm64: dts: microchip: sparx5: fix mdio reg (git-fixes)
* arm64: dts: rockchip: Add enable-strobe-pulldown to emmc phy on ROCK (git-
fixes)
* arm64: dts: rockchip: Add sound-dai-cells for RK3368 (git-fixes)
* arm64: dts: rockchip: fix PMIC interrupt pin on ROCK Pi E (git-fixes)
* arm64/io: add constant-argument check (bsc#1226502 git-fixes)
* arm64/io: Provide a WC friendly __iowriteXX_copy() (bsc#1226502)
* arm64: tegra: Correct Tegra132 I2C alias (git-fixes)
* ASoC: amd: Adjust error handling in case of absent codec device (git-fixes).
* ASoC: max98088: Check for clk_prepare_enable() error (git-fixes).
* ASoC: ti: davinci-mcasp: Set min period size using FIFO config (stable-
fixes).
* ASoC: ti: omap-hdmi: Fix too long driver name (stable-fixes).
* batman-adv: bypass empty buckets in batadv_purge_orig_ref() (stable-fixes).
* blk-cgroup: dropping parent refcount after pd_free_fn() is done
(bsc#1224573).
* block: do not add partitions if GD_SUPPRESS_PART_SCAN is set (bsc#1227162).
* block, loop: support partitions without scanning (bsc#1227162).
* Bluetooth: ath3k: Fix multiple issues reported by checkpatch.pl (stable-
fixes).
* Bluetooth: btqca: use le32_to_cpu for ver.soc_id (stable-fixes).
* Bluetooth: hci_core: cancel all works upon hci_unregister_dev() (stable-
fixes).
* Bluetooth: hci_qca: mark OF related data as maybe unused (stable-fixes).
* Bluetooth: hci_sync: Fix suspending with wrong filter policy (git-fixes).
* Bluetooth: qca: Fix BT enable failure again for QCA6390 after warm reboot
(git-fixes).
* bnxt_re: Fix imm_data endianness (git-fixes)
* bpf: aggressively forget precise markings during state checkpointing
(bsc#1225903).
* bpf: allow precision tracking for programs with subprogs (bsc#1225903).
* bpf: check bpf_func_state->callback_depth when pruning states (bsc#1225903).
* bpf: clean up visit_insn()'s instruction processing (bsc#1225903).
* bpf: correct loop detection for iterators convergence (bsc#1225903).
* bpf: encapsulate precision backtracking bookkeeping (bsc#1225903).
* bpf: ensure state checkpointing at iter_next() call sites (bsc#1225903).
* bpf: exact states comparison for iterator convergence checks (bsc#1225903).
* bpf: extract __check_reg_arg() utility function (bsc#1225903).
* bpf: extract same_callsites() as utility function (bsc#1225903).
* bpf: extract setup_func_entry() utility function (bsc#1225903).
* bpf: fix calculation of subseq_idx during precision backtracking
(bsc#1225903).
* bpf: fix mark_all_scalars_precise use in mark_chain_precision (bsc#1225903).
* bpf: Fix memory leaks in __check_func_call (bsc#1225903).
* bpf: fix propagate_precision() logic for inner frames (bsc#1225903).
* bpf: fix regs_exact() logic in regsafe() to remap IDs correctly
(bsc#1225903).
* bpf: Fix to preserve reg parent/live fields when copying range info
(bsc#1225903).
* bpf: generalize MAYBE_NULL vs non-MAYBE_NULL rule (bsc#1225903).
* bpf: improve precision backtrack logging (bsc#1225903).
* bpf: Improve verifier u32 scalar equality checking (bsc#1225903).
* bpf: keep track of max number of bpf_loop callback iterations (bsc#1225903).
* bpf: maintain bitmasks across all active frames in __mark_chain_precision
(bsc#1225903).
* bpf: mark relevant stack slots scratched for register read instructions
(bsc#1225903).
* bpf: move explored_state() closer to the beginning of verifier.c
(bsc#1225903).
* bpf: perform byte-by-byte comparison only when necessary in regsafe()
(bsc#1225903).
* bpf: print full verifier states on infinite loop detection (bsc#1225903).
* bpf: regsafe() must not skip check_ids() (bsc#1225903).
* bpf: reject non-exact register type matches in regsafe() (bsc#1225903).
* bpf: Remove unused insn_cnt argument from visit_[func_call_]insn()
(bsc#1225903).
* bpf: reorganize struct bpf_reg_state fields (bsc#1225903).
* bpf: Skip invalid kfunc call in backtrack_insn (bsc#1225903).
* bpf: states_equal() must build idmap for all function frames (bsc#1225903).
* bpf: stop setting precise in current state (bsc#1225903).
* bpf: support precision propagation in the presence of subprogs
(bsc#1225903).
* bpf: take into account liveness when propagating precision (bsc#1225903).
* bpf: teach refsafe() to take into account ID remapping (bsc#1225903).
* bpf: unconditionally reset backtrack_state masks on global func exit
(bsc#1225903).
* bpf: use check_ids() for active_lock comparison (bsc#1225903).
* bpf: Use scalar ids in mark_chain_precision() (bsc#1225903).
* bpf: verify callbacks as if they are called unknown number of times
(bsc#1225903).
* bpf: Verify scalar ids mapping in regsafe() using check_ids() (bsc#1225903).
* bpf: widening for callback iterators (bsc#1225903).
* btrfs: add device major-minor info in the struct btrfs_device (bsc#1227162).
* btrfs: harden identification of a stale device (bsc#1227162).
* btrfs: match stale devices by dev_t (bsc#1227162).
* btrfs: remove the cross file system checks from remap (bsc#1227157).
* btrfs: use dev_t to match device in device_matched (bsc#1227162).
* btrfs: validate device maj:min during open (bsc#1227162).
* bytcr_rt5640 : inverse jack detect for Archos 101 cesium (stable-fixes).
* cachefiles: add output string to cachefiles_obj_[get|put]_ondemand_fd (git-
fixes).
* can: kvaser_usb: Explicitly initialize family in leafimx driver_info struct
(git-fixes).
* can: kvaser_usb: fix return value for hif_usb_send_regout (stable-fixes).
* ceph: fix incorrect kmalloc size of pagevec mempool (bsc#1228418).
* cgroup/cpuset: Prevent UAF in proc_cpuset_show() (bsc#1228801).
* crypto: aead,cipher - zeroize key buffer after use (stable-fixes).
* crypto: ecdh - explicitly zeroize private_key (stable-fixes).
* crypto: ecdsa - Fix the public key format description (git-fixes).
* crypto: hisilicon/sec - Fix memory leak for sec resource release (stable-
fixes).
* csky: ftrace: Drop duplicate implementation of arch_check_ftrace_location()
(git-fixes).
* decompress_bunzip2: fix rare decompression failure (git-fixes).
* devres: Fix devm_krealloc() wasting memory (git-fixes).
* devres: Fix memory leakage caused by driver API devm_free_percpu() (git-
fixes).
* dma: fix call order in dmam_free_coherent (git-fixes).
* docs: crypto: async-tx-api: fix broken code example (git-fixes).
* docs: Fix formatting of literal sections in fanotify docs (stable-fixes).
* drm/amd/amdgpu: Fix style errors in amdgpu_drv.c & amdgpu_device.c (stable-
fixes).
* drm/amd/display: Account for cursor prefetch BW in DML1 mode support
(stable-fixes).
* drm/amd/display: Check for NULL pointer (stable-fixes).
* drm/amd/display: Check index msg_id before read or write (stable-fixes).
* drm/amd/display: Check pipe offset before setting vblank (stable-fixes).
* drm/amd/display: Skip finding free audio for unknown engine_id (stable-
fixes).
* drm/amdgpu/atomfirmware: fix parsing of vram_info (stable-fixes).
* drm/amdgpu/atomfirmware: silence UBSAN warning (stable-fixes).
* drm/amdgpu: avoid using null object of framebuffer (stable-fixes).
* drm/amdgpu: Check if NBIO funcs are NULL in amdgpu_device_baco_exit (git-
fixes).
* drm/amdgpu: Fix pci state save during mode-1 reset (git-fixes).
* drm/amdgpu: Fix signedness bug in sdma_v4_0_process_trap_irq() (git-fixes).
* drm/amdgpu: fix uninitialized scalar variable warning (stable-fixes).
* drm/amdgpu: Fix uninitialized variable warnings (stable-fixes).
* drm/amdgpu: Initialize timestamp for some legacy SOCs (stable-fixes).
* drm/amdgpu: Remove GC HW IP 9.3.0 from noretry=1 (git-fixes).
* drm/amd/pm: Fix aldebaran pcie speed reporting (git-fixes).
* drm/amd/pm: remove logically dead code for renoir (git-fixes).
* drm/dp_mst: Fix all mstb marked as not probed after suspend/resume (git-
fixes).
* drm/etnaviv: do not block scheduler when GPU is still active (stable-fixes).
* drm/etnaviv: fix DMA direction handling for cached RW buffers (git-fixes).
* drm/gma500: fix null pointer dereference in cdv_intel_lvds_get_modes (git-
fixes).
* drm/gma500: fix null pointer dereference in psb_intel_lvds_get_modes (git-
fixes).
* drm/i915/gt: Do not consider preemption during execlists_dequeue for gen8
(git-fixes).
* drm/lima: fix shared irq handling on driver remove (stable-fixes).
* drm/lima: Mark simple_ondemand governor as softdep (git-fixes).
* drm/mediatek: Add OVL compatible name for MT8195 (git-fixes).
* drm/meson: fix canvas release in bind function (git-fixes).
* drm/mgag200: Bind I2C lifetime to DRM device (git-fixes).
* drm/mgag200: Set DDC timeout in milliseconds (git-fixes).
* drm/mipi-dsi: Fix mipi_dsi_dcs_write_seq() macro definition format (stable-
fixes).
* drm/mipi-dsi: Fix theoretical int overflow in mipi_dsi_dcs_write_seq() (git-
fixes).
* drm/msm/dpu: drop validity checks for clear_pending_flush() ctl op (git-
fixes).
* drm/msm/mdp5: Remove MDP_CAP_SRC_SPLIT from msm8x53_config (git-fixes).
* drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_hd_modes
(stable-fixes).
* drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_ld_modes
(stable-fixes).
* drm/nouveau: fix null pointer dereference in nouveau_connector_get_modes
(git-fixes).
* drm/nouveau: prime: fix refcount underflow (git-fixes).
* drm/panel: boe-tv101wum-nl6: Check for errors on the NOP in prepare() (git-
fixes).
* drm/panel: boe-tv101wum-nl6: If prepare fails, disable GPIO before
regulators (git-fixes).
* drm/panel: ilitek-ili9881c: Fix warning with GPIO controllers that sleep
(stable-fixes).
* drm: panel-orientation-quirks: Add quirk for Valve Galileo (stable-fixes).
* drm/panfrost: Mark simple_ondemand governor as softdep (git-fixes).
* drm/qxl: Add check for drm_cvt_mode (git-fixes).
* drm/radeon: check bo_va->bo is non-NULL before using it (stable-fixes).
* drm/radeon/radeon_display: Decrease the size of allocated memory (stable-
fixes).
* drm/vmwgfx: Fix a deadlock in dma buf fence polling (git-fixes).
* drm/vmwgfx: Fix missing HYPERVISOR_GUEST dependency (stable-fixes).
* drm/vmwgfx: Fix overlay when using Screen Targets (git-fixes).
* eeprom: digsy_mtc: Fix 93xx46 driver probe failure (git-fixes).
* exfat: check if cluster num is valid (git-fixes).
* exfat: simplify is_valid_cluster() (git-fixes).
* filelock: add a new locks_inode_context accessor function (git-fixes).
* firmware: cs_dsp: Fix overflow checking of wmfw header (git-fixes).
* firmware: cs_dsp: Prevent buffer overrun when processing V2 alg headers
(git-fixes).
* firmware: cs_dsp: Return error if block header overflows file (git-fixes).
* firmware: cs_dsp: Use strnlen() on name fields in V1 wmfw files (git-fixes).
* firmware: cs_dsp: Validate payload length before processing block (git-
fixes).
* firmware: dmi: Stop decoding on broken entry (stable-fixes).
* firmware: turris-mox-rwtm: Do not complete if there are no waiters (git-
fixes).
* firmware: turris-mox-rwtm: Fix checking return value of
wait_for_completion_timeout() (git-fixes).
* firmware: turris-mox-rwtm: Initialize completion before mailbox (git-fixes).
* fix build warning
* fs: allow cross-vfsmount reflink/dedupe (bsc#1227157).
* ftrace: Fix possible use-after-free issue in ftrace_location() (git-fixes).
* fuse: verify {g,u}id mount options correctly (bsc#1228191).
* gpio: mc33880: Convert comma to semicolon (git-fixes).
* hfsplus: fix to avoid false alarm of circular locking (git-fixes).
* hfsplus: fix uninit-value in copy_name (git-fixes).
* HID: Add quirk for Logitech Casa touchpad (stable-fixes).
* HID: wacom: Modify pen IDs (git-fixes).
* hpet: Support 32-bit userspace (git-fixes).
* hwmon: (adt7475) Fix default duty on fan is disabled (git-fixes).
* hwmon: (max6697) Fix swapped temp{1,8} critical alarms (git-fixes).
* hwmon: (max6697) Fix underflow when writing limit attributes (git-fixes).
* i2c: mark HostNotify target address as used (git-fixes).
* i2c: rcar: bring hardware to known state when probing (git-fixes).
* i2c: tegra: Fix failure during probe deferral cleanup (git-fixes)
* i2c: tegra: Share same DMA channel for RX and TX (bsc#1227661)
* i2c: testunit: avoid re-issued work after read message (git-fixes).
* i2c: testunit: correct Kconfig description (git-fixes).
* Input: elan_i2c - do not leave interrupt disabled on suspend failure (git-
fixes).
* Input: elantech - fix touchpad state on resume for Lenovo N24 (stable-
fixes).
* Input: ff-core - prefer struct_size over open coded arithmetic (stable-
fixes).
* Input: qt1050 - handle CHIP_ID reading error (git-fixes).
* Input: silead - Always support 10 fingers (stable-fixes).
* intel_th: pci: Add Granite Rapids SOC support (stable-fixes).
* intel_th: pci: Add Granite Rapids support (stable-fixes).
* intel_th: pci: Add Lunar Lake support (stable-fixes).
* intel_th: pci: Add Meteor Lake-S support (stable-fixes).
* intel_th: pci: Add Sapphire Rapids SOC support (stable-fixes).
* iommu/arm-smmu-v3: Free MSIs in case of ENOMEM (git-fixes).
* ionic: clean interrupt before enabling queue to avoid credit race (git-
fixes).
* jffs2: Fix potential illegal address access in jffs2_free_inode (git-fixes).
* jfs: Fix array-index-out-of-bounds in diFree (git-fixes).
* jfs: xattr: fix buffer overflow for invalid xattr (bsc#1227383).
* kABI: bpf: bpf_reg_state reorganization kABI workaround (bsc#1225903).
* kABI: bpf: callback fixes kABI workaround (bsc#1225903).
* kABI: bpf: struct bpf_{idmap,idset} kABI workaround (bsc#1225903).
* kABI: bpf: tmp_str_buf kABI workaround (bsc#1225903).
* kABI: rtas: Workaround false positive due to lost definition (bsc#1227487).
* kabi/severities: ignore kABI for FireWire sound local symbols (bsc#1208783)
* kabi/severities: Ignore tpm_tis_core_init (bsc#1082555).
* kabi/severity: add nvme common code The nvme common code is also allowed to
change the data structures, there are only internal users.
* kabi: Use __iowriteXX_copy_inlined for in-kernel modules (bsc#1226502)
* kernel-binary: vdso: Own module_dir
* kernel/sched: Remove dl_boosted flag comment (git fixes (sched)).
* knfsd: LOOKUP can return an illegal error value (git-fixes).
* kobject_uevent: Fix OOB access within zap_modalias_env() (git-fixes).
* kprobes: Make arch_check_ftrace_location static (git-fixes).
* KVM: nVMX: Clear EXIT_QUALIFICATION when injecting an EPT Misconfig (git-
fixes).
* KVM: PPC: Book3S HV: Fix "rm_exit" entry in debugfs timings (bsc#1194869).
* KVM: PPC: Book3S HV: Fix the set_one_reg for MMCR3 (bsc#1194869).
* KVM: PPC: Book3S HV Nested: L2 LPCR should inherit L1 LPES setting
(bsc#1194869).
* KVM: PPC: Book3S HV: remove extraneous asterisk from rm_host_ipi_action()
comment (bsc#1194869).
* KVM: PPC: Book3S: Suppress failed alloc warning in H_COPY_TOFROM_GUEST
(bsc#1194869).
* KVM: PPC: Book3S: Suppress warnings when allocating too big memory slots
(bsc#1194869).
* KVM: s390: fix LPSWEY handling (bsc#1227635 git-fixes).
* KVM: SVM: Process ICR on AVIC IPI delivery failure due to invalid target
(git-fixes).
* KVM: VMX: Report up-to-date exit qualification to userspace (git-fixes).
* KVM: x86: Add IBPB_BRTYPE support (bsc#1228079).
* KVM: x86: Always sync PIR to IRR prior to scanning I/O APIC routes (git-
fixes).
* KVM: x86: Bail from kvm_recalculate_phys_map() if x2APIC ID is out-of-bounds
(git-fixes).
* KVM: x86: Disable APIC logical map if logical ID covers multiple MDAs (git-
fixes).
* KVM: x86: Disable APIC logical map if vCPUs are aliased in logical mode
(git-fixes).
* KVM: x86: Do not advertise guest.MAXPHYADDR as host.MAXPHYADDR in CPUID
(git-fixes).
* KVM: x86: Explicitly skip optimized logical map setup if vCPU's LDR==0 (git-
fixes).
* KVM: x86: Explicitly track all possibilities for APIC map's logical modes
(git-fixes).
* KVM: x86: Fix broken debugregs ABI for 32 bit kernels (git-fixes).
* KVM: x86: Fix KVM_GET_MSRS stack info leak (git-fixes).
* KVM: x86: Honor architectural behavior for aliased 8-bit APIC IDs (git-
fixes).
* KVM: x86: Purge "highest ISR" cache when updating APICv state (git-fixes).
* KVM: x86: Save/restore all NMIs when multiple NMIs are pending (git-fixes).
* KVM: x86: Skip redundant x2APIC logical mode optimized cluster setup (git-
fixes).
* leds: ss4200: Convert PCIBIOS_* return codes to errnos (git-fixes).
* leds: triggers: Flush pending brightness before activating trigger (git-
fixes).
* leds: trigger: Unregister sysfs attributes before calling deactivate() (git-
fixes).
* libceph: fix race between delayed_work() and ceph_monc_stop() (bsc#1228190).
* lib: objagg: Fix general protection fault (git-fixes).
* lib: objagg: Fix spelling (git-fixes).
* lib: test_objagg: Fix spelling (git-fixes).
* lockd: set missing fl_flags field when retrieving args (git-fixes).
* lockd: use locks_inode_context helper (git-fixes).
* Make AMD_HSMP=m and mark it unsupported in supported.conf (jsc#PED-8582)
* media: dvb: as102-fe: Fix as10x_register_addr packing (stable-fixes).
* media: dvbdev: Initialize sbuf (stable-fixes).
* media: dvb-frontends: tda10048: Fix integer overflow (stable-fixes).
* media: dvb-frontends: tda18271c2dd: Remove casting during div (stable-
fixes).
* media: dvb-usb: dib0700_devices: Add missing release_firmware() (stable-
fixes).
* media: dvb-usb: Fix unexpected infinite loop in
dvb_usb_read_remote_control() (git-fixes).
* media: dw2102: Do not translate i2c read into write (stable-fixes).
* media: dw2102: fix a potential buffer overflow (git-fixes).
* media: imon: Fix race getting ictx->lock (git-fixes).
* media: s2255: Use refcount_t instead of atomic_t for num_channels (stable-
fixes).
* media: uvcvideo: Fix integer overflow calculating timestamp (git-fixes).
* media: uvcvideo: Override default flags (git-fixes).
* media: venus: fix use after free in vdec_close (git-fixes).
* media: venus: flush all buffers in output plane streamoff (git-fixes).
* mei: demote client disconnect warning on suspend to debug (stable-fixes).
* mfd: omap-usb-tll: Use struct_size to allocate tll (git-fixes).
* mtd: partitions: redboot: Added conversion of operands to a larger type
(stable-fixes).
* net/dcb: check for detached device before executing callbacks (bsc#1215587).
* netfilter: conntrack: ignore overly delayed tcp packets (bsc#1223180).
* netfilter: conntrack: prepare tcp_in_window for ternary return value
(bsc#1223180).
* netfilter: conntrack: remove pr_debug callsites from tcp tracker
(bsc#1223180).
* netfilter: conntrack: work around exceeded receive window (bsc#1223180).
* netfs, fscache: export fscache_put_volume() and add fscache_try_get_volume()
(bsc#1228459 bsc#1228462).
* net: mana: Fix possible double free in error handling path (git-fixes).
* net: mana: Fix the extra HZ in mana_hwc_send_request (git-fixes).
* net: usb: qmi_wwan: add Telit FN912 compositions (git-fixes).
* net: usb: sr9700: fix uninitialized variable use in sr_mdio_read (git-
fixes).
* nfc/nci: Add the inconsistency check between the input data length and count
(stable-fixes).
* NFSD: Add an nfsd_file_fsync tracepoint (git-fixes).
* NFSD: Add an NFSD_FILE_GC flag to enable nfsd_file garbage collection (git-
fixes).
* nfsd: Add errno mapping for EREMOTEIO (git-fixes).
* NFSD: Add nfsd_file_lru_dispose_list() helper (git-fixes).
* nfsd: add some comments to nfsd_file_do_acquire (git-fixes).
* nfsd: allow nfsd_file_get to sanely handle a NULL pointer (git-fixes).
* nfsd: allow reaping files still under writeback (git-fixes).
* NFSD: Avoid calling fh_drop_write() twice in do_nfsd_create() (git-fixes).
* NFSD: Clean up nfsd3_proc_create() (git-fixes).
* nfsd: Clean up nfsd_file_put() (git-fixes).
* NFSD: Clean up nfsd_open_verified() (git-fixes).
* NFSD: Clean up unused code after rhashtable conversion (git-fixes).
* NFSD: Convert filecache to rhltable (git-fixes).
* NFSD: Convert the filecache to use rhashtable (git-fixes).
* NFSD: De-duplicate hash bucket indexing (git-fixes).
* nfsd: do not free files unconditionally in __nfsd_file_cache_purge (git-
fixes).
* nfsd: do not fsync nfsd_files on last close (git-fixes).
* nfsd: do not hand out delegation on setuid files being opened for write
(git-fixes).
* nfsd: do not kill nfsd_files because of lease break error (git-fixes).
* nfsd: Do not leave work of closing files to a work queue (bsc#1228140).
* nfsd: do not take/put an extra reference when putting a file (git-fixes).
* NFSD enforce filehandle check for source file in COPY (git-fixes).
* NFSD: Ensure nf_inode is never dereferenced (git-fixes).
* nfsd: fix handling of cached open files in nfsd4_open codepath (git-fixes).
* NFSD: Fix licensing header in filecache.c (git-fixes).
* nfsd: fix net-namespace logic in __nfsd_file_cache_purge (git-fixes).
* nfsd: fix nfsd_file_unhash_and_dispose (git-fixes).
* NFSD: Fix potential use-after-free in nfsd_file_put() (git-fixes).
* NFSD: Fix problem of COMMIT and NFS4ERR_DELAY in infinite loop (git-fixes).
* NFSD: Fix the filecache LRU shrinker (git-fixes).
* nfsd: fix up the filecache laundrette scheduling (git-fixes).
* nfsd: fix use-after-free in nfsd_file_do_acquire tracepoint (git-fixes).
* NFSD: Flesh out a documenting comment for filecache.c (git-fixes).
* NFSD: handle errors better in write_ports_addfd() (git-fixes).
* NFSD: Instantiate a struct file when creating a regular NFSv4 file (git-
fixes).
* NFSD: Leave open files out of the filecache LRU (git-fixes).
* nfsd: map EBADF (git-fixes).
* NFSD: Move nfsd_file_trace_alloc() tracepoint (git-fixes).
* NFSD: nfsd_file_hash_remove can compute hashval (git-fixes).
* nfsd: NFSD_FILE_KEY_INODE only needs to find GC'ed entries (git-fixes).
* NFSD: nfsd_file_put() can sleep (git-fixes).
* NFSD: nfsd_file_unhash can compute hashval from nf->nf_inode (git-fixes).
* NFSD: No longer record nf_hashval in the trace log (git-fixes).
* NFSD: Pass the target nfsd_file to nfsd_commit() (git-fixes).
* nfsd: put the export reference in nfsd4_verify_deleg_dentry (git-fixes).
* NFSD: Record number of flush calls (git-fixes).
* NFSD: Refactor nfsd_create_setattr() (git-fixes).
* NFSD: Refactor __nfsd_file_close_inode() (git-fixes).
* NFSD: Refactor nfsd_file_gc() (git-fixes).
* NFSD: Refactor nfsd_file_lru_scan() (git-fixes).
* NFSD: Refactor NFSv3 CREATE (git-fixes).
* NFSD: Refactor NFSv4 OPEN(CREATE) (git-fixes).
* NFSD: Remove do_nfsd_create() (git-fixes).
* NFSD: Remove lockdep assertion from unhash_and_release_locked() (git-fixes).
* NFSD: Remove nfsd_file::nf_hashval (git-fixes).
* nfsd: remove the pages_flushed statistic from filecache (git-fixes).
* nfsd: reorganize filecache.c (git-fixes).
* NFSD: Replace the "init once" mechanism (git-fixes).
* NFSD: Report average age of filecache items (git-fixes).
* NFSD: Report count of calls to nfsd_file_acquire() (git-fixes).
* NFSD: Report count of freed filecache items (git-fixes).
* NFSD: Report filecache LRU size (git-fixes).
* NFSD: Report the number of items evicted by the LRU walk (git-fixes).
* nfsd: Retry once in nfsd_open on an -EOPENSTALE return (git-fixes).
* nfsd: rework hashtable handling in nfsd_do_file_acquire (git-fixes).
* nfsd: rework refcounting in filecache (git-fixes).
* NFSD: Separate tracepoints for acquire and create (git-fixes).
* NFSD: Set up an rhashtable for the filecache (git-fixes).
* nfsd: silence extraneous printk on nfsd.ko insertion (git-fixes).
* NFSD: simplify per-net file cache management (git-fixes).
* nfsd: simplify test_bit return in NFSD_FILE_KEY_FULL comparator (git-fixes).
* nfsd: simplify the delayed disposal list code (git-fixes).
* NFSD: Trace filecache LRU activity (git-fixes).
* NFSD: Trace filecache opens (git-fixes).
* NFSD: verify the opened dentry after setting a delegation (git-fixes).
* NFSD: WARN when freeing an item still linked via nf_lru (git-fixes).
* NFSD: Write verifier might go backwards (git-fixes).
* NFSD: Zero counters when the filecache is re-initialized (git-fixes).
* NFS: Fix READ_PLUS when server does not support OP_READ_PLUS (git-fixes).
* nfs: fix undefined behavior in nfs_block_bits() (git-fixes).
* nfs: keep server info for remounts (git-fixes).
* nfs: Leave pages in the pagecache if readpage failed (git-fixes).
* NFSv4: Fixup smatch warning for ambiguous return (git-fixes).
* NFSv4.x: by default serialize open/close operations (bsc#1223863
bsc#1227362)
* nilfs2: add missing check for inode numbers on directory entries (git-
fixes).
* nilfs2: add missing check for inode numbers on directory entries (stable-
fixes).
* nilfs2: avoid undefined behavior in nilfs_cnt32_ge macro (git-fixes).
* nilfs2: convert persistent object allocator to use kmap_local (git-fixes).
* nilfs2: fix incorrect inode allocation from reserved inodes (git-fixes).
* nilfs2: fix inode number range checks (git-fixes).
* nilfs2: fix inode number range checks (stable-fixes).
* nvme: adjust multiples of NVME_CTRL_PAGE_SIZE in offset (git-fixes).
* nvme-auth: alloc nvme_dhchap_key as single buffer (git-fixes).
* nvme-auth: allow mixing of secret and hash lengths (git-fixes).
* nvme-auth: use transformed key size to create resp (git-fixes).
* nvme: avoid double free special payload (git-fixes).
* nvme: ensure reset state check ordering (bsc#1215492).
* nvme: fixup comment for nvme RDMA Provider Type (git-fixes).
* nvme-multipath: find NUMA path only for online numa-node (git-fixes).
* nvme-pci: add missing condition check for existence of mapped data (git-
fixes).
* nvme-pci: Fix the instructions for disabling power management (git-fixes).
* nvmet: always initialize cqe.result (git-fixes).
* nvmet-auth: fix nvmet_auth hash error handling (git-fixes).
* nvmet: fix a possible leak when destroy a ctrl during qp establishment (git-
fixes).
* nvme: use ctrl state accessor (bsc#1215492).
* ocfs2: fix DIO failure due to insufficient transaction credits
(bsc#1216834).
* ocfs2: remove redundant assignment to variable free_space (bsc#1228409).
* ocfs2: strict bound check before memcmp in ocfs2_xattr_find_entry()
(bsc#1228410).
* orangefs: fix out-of-bounds fsid access (git-fixes).
* PCI: Add PCI_ERROR_RESPONSE and related definitions (stable-fixes).
* PCI/DPC: Fix use-after-free on concurrent DPC and hot-removal (git-fixes).
* PCI: Extend ACS configurability (bsc#1228090).
* PCI: Fix resource double counting on remove & rescan (git-fixes).
* PCI: hv: Return zero, not garbage, when reading PCI_INTERRUPT_PIN (git-
fixes).
* PCI: Introduce cleanup helpers for device reference counts and locks (git-
fixes).
* PCI: Introduce cleanup helpers for device reference counts and locks
(stable-fixes).
* PCI: keystone: Do not enable BAR 0 for AM654x (git-fixes).
* PCI: keystone: Fix NULL pointer dereference in case of DT error in
ks_pcie_setup_rc_app_regs() (git-fixes).
* PCI: keystone: Relocate ks_pcie_set/clear_dbi_mode() (git-fixes).
* PCI/PM: Avoid D3cold for HP Pavilion 17 PC/1972 PCIe Ports (git-fixes).
* PCI/PM: Avoid D3cold for HP Pavilion 17 PC/1972 PCIe Ports (stable-fixes).
* PCI: rockchip: Use GPIOD_OUT_LOW flag while requesting ep_gpio (git-fixes).
* PCI: tegra194: Set EP alignment restriction for inbound ATU (git-fixes).
* pinctrl: core: fix possible memory leak when pinctrl_enable() fails (git-
fixes).
* pinctrl: freescale: mxs: Fix refcount of child (git-fixes).
* pinctrl: single: fix possible memory leak when pinctrl_enable() fails (git-
fixes).
* pinctrl: ti: ti-iodelay: fix possible memory leak when pinctrl_enable()
fails (git-fixes).
* platform/chrome: cros_ec_debugfs: fix wrong EC message version (git-fixes).
* platform/chrome: cros_ec_proto: Lock device when updating MKBP version (git-
fixes).
* platform/x86: dell-smbios-base: Use sysfs_emit() (stable-fixes).
* platform/x86: dell-smbios: Fix wrong token data in sysfs (git-fixes).
* platform/x86: lg-laptop: Change ACPI device id (stable-fixes).
* platform/x86: lg-laptop: Remove LGEX0815 hotkey handling (stable-fixes).
* platform/x86: touchscreen_dmi: Add info for GlobalSpace SolT IVW 11.6"
tablet (stable-fixes).
* platform/x86: touchscreen_dmi: Add info for the EZpad 6s Pro (stable-fixes).
* platform/x86: wireless-hotkey: Add support for LG Airplane Button (stable-
fixes).
* powerpc/cpuidle: Set CPUIDLE_FLAG_POLLING for snooze state (bsc#1227121
ltc#207129).
* powerpc: fix a file leak in kvm_vcpu_ioctl_enable_cap() (bsc#1194869).
* powerpc/kasan: Disable address sanitization in kexec paths (bsc#1194869).
* powerpc/pseries: Fix scv instruction crash with kexec (bsc#1194869).
* powerpc/rtas: clean up includes (bsc#1227487).
* powerpc/rtas: Prevent Spectre v1 gadget construction in sys_rtas()
(bsc#1227487).
* power: supply: cros_usbpd: provide ID table for avoiding fallback match
(stable-fixes).
* pwm: stm32: Always do lazy disabling (git-fixes).
* RDMA/cache: Release GID table even if leak is detected (git-fixes)
* RDMA/device: Return error earlier if port in not valid (git-fixes)
* RDMA/hns: Check atomic wr length (git-fixes)
* RDMA/hns: Fix insufficient extend DB for VFs. (git-fixes)
* RDMA/hns: Fix mbx timing out before CMD execution is completed (git-fixes)
* RDMA/hns: Fix missing pagesize and alignment check in FRMR (git-fixes)
* RDMA/hns: Fix shift-out-bounds when max_inline_data is 0 (git-fixes)
* RDMA/hns: Fix soft lockup under heavy CEQE load (git-fixes)
* RDMA/hns: Fix undifined behavior caused by invalid max_sge (git-fixes)
* RDMA/hns: Fix unmatch exception handling when init eq table fails (git-
fixes)
* RDMA/iwcm: Fix a use-after-free related to destroying CM IDs (git-fixes)
* RDMA/mana_ib: Ignore optional access flags for MRs (git-fixes).
* RDMA/mlx4: Fix truncated output warning in alias_GUID.c (git-fixes)
* RDMA/mlx4: Fix truncated output warning in mad.c (git-fixes)
* RDMA/mlx5: Set mkeys for dmabuf at PAGE_SIZE (git-fixes)
* RDMA/restrack: Fix potential invalid address access (git-fixes)
* RDMA/rxe: Do not set BTH_ACK_MASK for UC or UD QPs (git-fixes)
* regmap-i2c: Subtract reg size from max_write (stable-fixes).
* Revert "ALSA: firewire-lib: obsolete workqueue for period update"
(bsc#1208783).
* Revert "ALSA: firewire-lib: operate for period elapse event in process
context" (bsc#1208783).
* Revert "leds: led-core: Fix refcount leak in of_led_get()" (git-fixes).
* Revert "usb: musb: da8xx: Set phy in OTG mode by default" (stable-fixes).
* rpcrdma: fix handling for RDMA_CM_EVENT_DEVICE_REMOVAL (git-fixes).
* rtc: cmos: Fix return value of nvmem callbacks (git-fixes).
* rtc: interface: Add RTC offset to alarm after fix-up (git-fixes).
* rtc: isl1208: Fix return value of nvmem callbacks (git-fixes).
* rtlwifi: rtl8192de: Style clean-ups (stable-fixes).
* s390: Implement __iowrite32_copy() (bsc#1226502)
* s390: Stop using weak symbols for __iowrite64_copy() (bsc#1226502)
* saa7134: Unchecked i2c_transfer function result fixed (git-fixes).
* sched/fair: Do not balance task to its current running CPU (git fixes
(sched)).
* sched: Fix stop_one_cpu_nowait() vs hotplug (git fixes (sched)).
* scsi: lpfc: Allow DEVICE_RECOVERY mode after RSCN receipt if in PRLI_ISSUE
state (bsc#1228857).
* scsi: lpfc: Cancel ELS WQE instead of issuing abort when SLI port is
inactive (bsc#1228857).
* scsi: lpfc: Fix handling of fully recovered fabric node in dev_loss callbk
(bsc#1228857).
* scsi: lpfc: Fix incorrect request len mbox field when setting trunking via
sysfs (bsc#1228857).
* scsi: lpfc: Handle mailbox timeouts in lpfc_get_sfp_info (bsc#1228857).
* scsi: lpfc: Relax PRLI issue conditions after GID_FT response (bsc#1228857).
* scsi: lpfc: Revise lpfc_prep_embed_io routine with proper endian macro
usages (bsc#1228857).
* scsi: lpfc: Update lpfc version to 14.4.0.3 (bsc#1228857).
* scsi: qla2xxx: Avoid possible run-time warning with long model_num
(bsc#1228850).
* scsi: qla2xxx: Complete command early within lock (bsc#1228850).
* scsi: qla2xxx: Convert comma to semicolon (bsc#1228850).
* scsi: qla2xxx: Drop driver owner assignment (bsc#1228850).
* scsi: qla2xxx: During vport delete send async logout explicitly
(bsc#1228850).
* scsi: qla2xxx: Fix debugfs output for fw_resource_count (bsc#1228850).
* scsi: qla2xxx: Fix flash read failure (bsc#1228850).
* scsi: qla2xxx: Fix for possible memory corruption (bsc#1228850).
* scsi: qla2xxx: Fix optrom version displayed in FDMI (bsc#1228850).
* scsi: qla2xxx: Indent help text (bsc#1228850).
* scsi: qla2xxx: Reduce fabric scan duplicate code (bsc#1228850).
* scsi: qla2xxx: Remove unused struct 'scsi_dif_tuple' (bsc#1228850).
* scsi: qla2xxx: Return ENOBUFS if sg_cnt is more than one for ELS cmds
(bsc#1228850).
* scsi: qla2xxx: Unable to act on RSCN for port online (bsc#1228850).
* scsi: qla2xxx: Update version to 10.02.09.300-k (bsc#1228850).
* scsi: qla2xxx: Use QP lock to search for bsg (bsc#1228850).
* scsi: qla2xxx: validate nvme_local_port correctly (bsc#1228850).
* selftests/bpf: Add a selftest for checking subreg equality (bsc#1225903).
* selftests/bpf: add pre bpf_prog_test_run_opts() callback for test_loader
(bsc#1225903).
* selftests/bpf: add precision propagation tests in the presence of subprogs
(bsc#1225903).
* selftests/bpf: Add pruning test case for bpf_spin_lock (bsc#1225903).
* selftests/bpf: Check if mark_chain_precision() follows scalar ids
(bsc#1225903).
* selftests/bpf: check if max number of bpf_loop iterations is tracked
(bsc#1225903).
* selftests/bpf: fix __retval() being always ignored (bsc#1225903).
* selftests/bpf: fix unpriv_disabled check in test_verifier (bsc#1225903).
* selftests/bpf: __imm_insn & __imm_const macro for bpf_misc.h (bsc#1225903).
* selftests/bpf: make test_align selftest more robust (bsc#1225903).
* selftests/bpf: populate map_array_ro map for verifier_array_access test
(bsc#1225903).
* selftests/bpf: prog_tests entry point for migrated test_verifier tests
(bsc#1225903).
* selftests/bpf: Report program name on parse_test_spec error (bsc#1225903).
* selftests/bpf: Support custom per-test flags and multiple expected messages
(bsc#1225903).
* selftests/bpf: test case for callback_depth states pruning logic
(bsc#1225903).
* selftests/bpf: test case for relaxed prunning of active_lock.id
(bsc#1225903).
* selftests/bpf: test cases for regsafe() bug skipping check_id()
(bsc#1225903).
* selftests/bpf: Tests execution support for test_loader.c (bsc#1225903).
* selftests/bpf: tests for iterating callbacks (bsc#1225903).
* selftests/bpf: test widening for iterating callbacks (bsc#1225903).
* selftests/bpf: track string payload offset as scalar in strobemeta
(bsc#1225903).
* selftests/bpf: Unprivileged tests for test_loader.c (bsc#1225903).
* selftests/bpf: Verify copy_register_state() preserves parent/live fields
(bsc#1225903).
* selftests/bpf: verify states_equal() maintains idmap across all frames
(bsc#1225903).
* selftests/bpf: Verify that check_ids() is used for scalars in regsafe()
(bsc#1225903).
* selftests/sigaltstack: Fix ppc64 GCC build (git-fixes).
* soc: ti: wkup_m3_ipc: Send NULL dummy message instead of pointer message
(stable-fixes).
* spi: imx: Do not expect DMA for i.MX{25,35,50,51,53} cspi devices (stable-
fixes).
* spi: mux: set ctlr->bits_per_word_mask (stable-fixes).
* string.h: Introduce memtostr() and memtostr_pad() (bsc#1228850).
* SUNRPC: avoid soft lockup when transmitting UDP to reachable server
(bsc#1225272).
* SUNRPC: Fix gss_free_in_token_pages() (git-fixes).
* SUNRPC: Fix loop termination condition in gss_free_in_token_pages() (git-
fixes).
* sunrpc: fix NFSACL RPC retry on soft mount (git-fixes).
* SUNRPC: return proper error from gss_wrap_req_priv (git-fixes).
* supported.conf:
* tpm: Allow system suspend to continue when TPM suspend fails (bsc#1082555).
* tpm: Prevent hwrng from activating during resume (bsc#1082555).
* tpm_tis: Resend command to recover from data transfer errors (bsc#1082555).
* tpm_tis: Use tpm_chip_{start,stop} decoration inside tpm_tis_resume
(bsc#1082555).
* tpm, tpm: Implement usage counter for locality (bsc#1082555).
* tpm, tpm_tis: Avoid cache incoherency in test for interrupts (bsc#1082555).
* tpm, tpm_tis: Claim locality before writing interrupt registers
(bsc#1082555).
* tpm, tpm_tis: Claim locality in interrupt handler (bsc#1082555).
* tpm, tpm_tis: Claim locality when interrupts are reenabled on resume
(bsc#1082555).
* tpm, tpm_tis: correct tpm_tis_flags enumeration values (bsc#1082555).
* tpm, tpm_tis: Do not skip reset of original interrupt vector (bsc#1082555).
* tpm, tpm_tis: Only handle supported interrupts (bsc#1082555).
* tracing: Build event generation tests only as modules (git-fixes).
* tracing/net_sched: NULL pointer dereference in perf_trace_qdisc_reset()
(git-fixes).
* tracing/osnoise: Add osnoise/options file (bsc#1228330)
* tracing/osnoise: Add OSNOISE_WORKLOAD option (bsc#1228330)
* tracing/osnoise: Do not follow tracing_cpumask (bsc#1228330)
* tracing/osnoise: Fix notify new tracing_max_latency (bsc#1228330)
* tracing/osnoise: Make osnoise_instances static (bsc#1228330)
* tracing/osnoise: Split workload start from the tracer start (bsc#1228330)
* tracing/osnoise: Support a list of trace_array *tr (bsc#1228330)
* tracing/osnoise: Use built-in RCU list checking (bsc#1228330)
* tracing/timerlat: Notify new max thread latency (bsc#1228330)
* USB: Add USB_QUIRK_NO_SET_INTF quirk for START BP-850k (stable-fixes).
* usb: cdns3: allocate TX FIFO size according to composite EP number (git-
fixes).
* usb: cdns3: fix incorrect calculation of ep_buf_size when more than one
config (git-fixes).
* usb: cdns3: fix iso transfer error when mult is not zero (git-fixes).
* usb: cdns3: improve handling of unaligned address case (git-fixes).
* usb: cdns3: optimize OUT transfer by copying only actual received data (git-
fixes).
* usb: cdns3: skip set TRB_IOC when usb_request: no_interrupt is true (git-
fixes).
* USB: core: Fix duplicate endpoint bug by clearing reserved bits in the
descriptor (git-fixes).
* usb: dwc3: gadget: Do not delay End Transfer on delayed_status (git-fixes).
* usb: dwc3: gadget: Force sending delayed status during soft disconnect (git-
fixes).
* usb: dwc3: gadget: Synchronize IRQ between soft connect/disconnect (git-
fixes).
* usb: gadget: call usb_gadget_check_config() to verify UDC capability (git-
fixes).
* usb: gadget: configfs: Prevent OOB read/write in usb_string_copy() (stable-
fixes).
* usb: gadget: printer: SS+ support (stable-fixes).
* usb: misc: uss720: check for incompatible versions of the Belkin F5U002
(stable-fixes).
* USB: serial: mos7840: fix crash on resume (git-fixes).
* USB: serial: option: add Fibocom FM350-GL (stable-fixes).
* USB: serial: option: add Netprisma LCUK54 series modules (stable-fixes).
* USB: serial: option: add Rolling RW350-GL variants (stable-fixes).
* USB: serial: option: add support for Foxconn T99W651 (stable-fixes).
* USB: serial: option: add Telit FN912 rmnet compositions (stable-fixes).
* USB: serial: option: add Telit generic core-dump composition (stable-fixes).
* usb: typec: tcpm: clear pd_event queue in PORT_RESET (git-fixes).
* usb: xhci-plat: Do not include xhci.h (git-fixes).
* USB: xhci-plat: fix legacy PHY double init (git-fixes).
* wifi: ath11k: fix wrong handling of CCMP256 and GCMP ciphers (git-fixes).
* wifi: brcmsmac: LCN PHY code is used for BCM4313 2G-only device (git-fixes).
* wifi: cfg80211: fix typo in cfg80211_calculate_bitrate_he() (git-fixes).
* wifi: cfg80211: handle 2x996 RU allocation in
cfg80211_calculate_bitrate_he() (git-fixes).
* wifi: cfg80211: restrict NL80211_ATTR_TXQ_QUANTUM values (git-fixes).
* wifi: cfg80211: wext: add extra SIOCSIWSCAN data check (stable-fixes).
* wifi: iwlwifi: mvm: d3: fix WoWLAN command version lookup (stable-fixes).
* wifi: iwlwifi: mvm: Handle BIGTK cipher in kek_kck cmd (stable-fixes).
* wifi: iwlwifi: mvm: properly set 6 GHz channel direct probe option (stable-
fixes).
* wifi: mac80211: disable softirqs for queued frame handling (git-fixes).
* wifi: mac80211: fix UBSAN noise in ieee80211_prep_hw_scan() (stable-fixes).
* wifi: mac80211: handle tasklet frames before stopping (stable-fixes).
* wifi: mac80211: mesh: init nonpeer_pm to active by default in mesh sdata
(stable-fixes).
* wifi: mt76: replace skb_put with skb_put_zero (stable-fixes).
* wifi: mwifiex: Fix interface type change (git-fixes).
* wifi: rtw89: Fix array index mistake in rtw89_sta_info_get_iter() (git-
fixes).
* wifi: wilc1000: fix ies_len type in connect path (git-fixes).
* workqueue: Improve scalability of workqueue watchdog touch (bsc#1193454).
* workqueue: wq_watchdog_touch is always called with valid CPU (bsc#1193454).
* x86/amd_nb: Use Family 19h Models 60h-7Fh Function 4 IDs (git-fixes).
* x86/apic: Force native_apic_mem_read() to use the MOV instruction (git-
fixes).
* x86/bhi: Avoid warning in #DB handler due to BHI mitigation (git-fixes).
* x86/bugs: Remove default case for fully switched enums (bsc#1227900).
* x86/fpu: Fix AMD X86_BUG_FXSAVE_LEAK fixup (git-fixes).
* x86/ibt,ftrace: Search for **fentry** location (git-fixes).
* x86/Kconfig: Transmeta Crusoe is CPU family 5, not 6 (git-fixes).
* x86/mm: Allow guest.enc_status_change_prepare() to fail (git-fixes).
* x86/mm: Fix enc_status_change_finish_noop() (git-fixes).
* x86/purgatory: Switch to the position-independent small code model (git-
fixes).
* x86/srso: Move retbleed IBPB check into existing 'has_microcode' code block
(bsc#1227900).
* x86/srso: Remove 'pred_cmd' label (bsc#1227900).
* x86: Stop using weak symbols for __iowrite32_copy() (bsc#1226502)
* x86/tdx: Fix race between set_memory_encrypted() and
load_unaligned_zeropad() (git-fixes).
* xfs: Add cond_resched to block unmap range and reflink remap path
(bsc#1228226).
* xhci: Apply broken streams quirk to Etron EJ188 xHCI host (stable-fixes).
* xhci: Apply reset resume quirk to Etron EJ188 xHCI host (stable-fixes).
* xhci: Set correct transferred length for cancelled bulk transfers (stable-
fixes).

## Special Instructions and Notes:

* Please reboot the system after installing this update.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
zypper in -t patch SUSE-2024-2947=1 openSUSE-SLE-15.5-2024-2947=1

* Public Cloud Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP5-2024-2947=1

## Package List:

* openSUSE Leap 15.5 (aarch64 x86_64)
* cluster-md-kmp-azure-5.14.21-150500.33.63.1
* ocfs2-kmp-azure-debuginfo-5.14.21-150500.33.63.1
* gfs2-kmp-azure-5.14.21-150500.33.63.1
* kernel-azure-optional-debuginfo-5.14.21-150500.33.63.1
* ocfs2-kmp-azure-5.14.21-150500.33.63.1
* kernel-azure-devel-5.14.21-150500.33.63.1
* reiserfs-kmp-azure-debuginfo-5.14.21-150500.33.63.1
* reiserfs-kmp-azure-5.14.21-150500.33.63.1
* dlm-kmp-azure-5.14.21-150500.33.63.1
* kernel-azure-extra-debuginfo-5.14.21-150500.33.63.1
* cluster-md-kmp-azure-debuginfo-5.14.21-150500.33.63.1
* kselftests-kmp-azure-debuginfo-5.14.21-150500.33.63.1
* dlm-kmp-azure-debuginfo-5.14.21-150500.33.63.1
* kernel-azure-devel-debuginfo-5.14.21-150500.33.63.1
* kselftests-kmp-azure-5.14.21-150500.33.63.1
* kernel-azure-optional-5.14.21-150500.33.63.1
* kernel-azure-extra-5.14.21-150500.33.63.1
* kernel-azure-debuginfo-5.14.21-150500.33.63.1
* kernel-azure-debugsource-5.14.21-150500.33.63.1
* kernel-syms-azure-5.14.21-150500.33.63.1
* gfs2-kmp-azure-debuginfo-5.14.21-150500.33.63.1
* kernel-azure-livepatch-devel-5.14.21-150500.33.63.1
* openSUSE Leap 15.5 (aarch64 nosrc x86_64)
* kernel-azure-5.14.21-150500.33.63.1
* openSUSE Leap 15.5 (x86_64)
* kernel-azure-vdso-debuginfo-5.14.21-150500.33.63.1
* kernel-azure-vdso-5.14.21-150500.33.63.1
* openSUSE Leap 15.5 (noarch)
* kernel-source-azure-5.14.21-150500.33.63.1
* kernel-devel-azure-5.14.21-150500.33.63.1
* Public Cloud Module 15-SP5 (aarch64 nosrc x86_64)
* kernel-azure-5.14.21-150500.33.63.1
* Public Cloud Module 15-SP5 (aarch64 x86_64)
* kernel-azure-debuginfo-5.14.21-150500.33.63.1
* kernel-azure-debugsource-5.14.21-150500.33.63.1
* kernel-syms-azure-5.14.21-150500.33.63.1
* kernel-azure-devel-debuginfo-5.14.21-150500.33.63.1
* kernel-azure-devel-5.14.21-150500.33.63.1
* Public Cloud Module 15-SP5 (noarch)
* kernel-source-azure-5.14.21-150500.33.63.1
* kernel-devel-azure-5.14.21-150500.33.63.1

## References:

* https://www.suse.com/security/cve/CVE-2021-47086.html
* https://www.suse.com/security/cve/CVE-2021-47103.html
* https://www.suse.com/security/cve/CVE-2021-47186.html
* https://www.suse.com/security/cve/CVE-2021-47402.html
* https://www.suse.com/security/cve/CVE-2021-47546.html
* https://www.suse.com/security/cve/CVE-2021-47547.html
* https://www.suse.com/security/cve/CVE-2021-47588.html
* https://www.suse.com/security/cve/CVE-2021-47590.html
* https://www.suse.com/security/cve/CVE-2021-47591.html
* https://www.suse.com/security/cve/CVE-2021-47593.html
* https://www.suse.com/security/cve/CVE-2021-47598.html
* https://www.suse.com/security/cve/CVE-2021-47599.html
* https://www.suse.com/security/cve/CVE-2021-47606.html
* https://www.suse.com/security/cve/CVE-2021-47622.html
* https://www.suse.com/security/cve/CVE-2021-47623.html
* https://www.suse.com/security/cve/CVE-2021-47624.html
* https://www.suse.com/security/cve/CVE-2022-48713.html
* https://www.suse.com/security/cve/CVE-2022-48730.html
* https://www.suse.com/security/cve/CVE-2022-48732.html
* https://www.suse.com/security/cve/CVE-2022-48749.html
* https://www.suse.com/security/cve/CVE-2022-48756.html
* https://www.suse.com/security/cve/CVE-2022-48773.html
* https://www.suse.com/security/cve/CVE-2022-48774.html
* https://www.suse.com/security/cve/CVE-2022-48775.html
* https://www.suse.com/security/cve/CVE-2022-48776.html
* https://www.suse.com/security/cve/CVE-2022-48777.html
* https://www.suse.com/security/cve/CVE-2022-48778.html
* https://www.suse.com/security/cve/CVE-2022-48780.html
* https://www.suse.com/security/cve/CVE-2022-48783.html
* https://www.suse.com/security/cve/CVE-2022-48784.html
* https://www.suse.com/security/cve/CVE-2022-48785.html
* https://www.suse.com/security/cve/CVE-2022-48786.html
* https://www.suse.com/security/cve/CVE-2022-48787.html
* https://www.suse.com/security/cve/CVE-2022-48788.html
* https://www.suse.com/security/cve/CVE-2022-48789.html
* https://www.suse.com/security/cve/CVE-2022-48790.html
* https://www.suse.com/security/cve/CVE-2022-48791.html
* https://www.suse.com/security/cve/CVE-2022-48792.html
* https://www.suse.com/security/cve/CVE-2022-48793.html
* https://www.suse.com/security/cve/CVE-2022-48794.html
* https://www.suse.com/security/cve/CVE-2022-48796.html
* https://www.suse.com/security/cve/CVE-2022-48797.html
* https://www.suse.com/security/cve/CVE-2022-48798.html
* https://www.suse.com/security/cve/CVE-2022-48799.html
* https://www.suse.com/security/cve/CVE-2022-48800.html
* https://www.suse.com/security/cve/CVE-2022-48801.html
* https://www.suse.com/security/cve/CVE-2022-48802.html
* https://www.suse.com/security/cve/CVE-2022-48803.html
* https://www.suse.com/security/cve/CVE-2022-48804.html
* https://www.suse.com/security/cve/CVE-2022-48805.html
* https://www.suse.com/security/cve/CVE-2022-48806.html
* https://www.suse.com/security/cve/CVE-2022-48807.html
* https://www.suse.com/security/cve/CVE-2022-48809.html
* https://www.suse.com/security/cve/CVE-2022-48810.html
* https://www.suse.com/security/cve/CVE-2022-48811.html
* https://www.suse.com/security/cve/CVE-2022-48812.html
* https://www.suse.com/security/cve/CVE-2022-48813.html
* https://www.suse.com/security/cve/CVE-2022-48814.html
* https://www.suse.com/security/cve/CVE-2022-48815.html
* https://www.suse.com/security/cve/CVE-2022-48816.html
* https://www.suse.com/security/cve/CVE-2022-48817.html
* https://www.suse.com/security/cve/CVE-2022-48818.html
* https://www.suse.com/security/cve/CVE-2022-48820.html
* https://www.suse.com/security/cve/CVE-2022-48821.html
* https://www.suse.com/security/cve/CVE-2022-48822.html
* https://www.suse.com/security/cve/CVE-2022-48823.html
* https://www.suse.com/security/cve/CVE-2022-48824.html
* https://www.suse.com/security/cve/CVE-2022-48825.html
* https://www.suse.com/security/cve/CVE-2022-48826.html
* https://www.suse.com/security/cve/CVE-2022-48827.html
* https://www.suse.com/security/cve/CVE-2022-48828.html
* https://www.suse.com/security/cve/CVE-2022-48829.html
* https://www.suse.com/security/cve/CVE-2022-48830.html
* https://www.suse.com/security/cve/CVE-2022-48831.html
* https://www.suse.com/security/cve/CVE-2022-48834.html
* https://www.suse.com/security/cve/CVE-2022-48835.html
* https://www.suse.com/security/cve/CVE-2022-48836.html
* https://www.suse.com/security/cve/CVE-2022-48837.html
* https://www.suse.com/security/cve/CVE-2022-48838.html
* https://www.suse.com/security/cve/CVE-2022-48839.html
* https://www.suse.com/security/cve/CVE-2022-48840.html
* https://www.suse.com/security/cve/CVE-2022-48841.html
* https://www.suse.com/security/cve/CVE-2022-48842.html
* https://www.suse.com/security/cve/CVE-2022-48843.html
* https://www.suse.com/security/cve/CVE-2022-48844.html
* https://www.suse.com/security/cve/CVE-2022-48846.html
* https://www.suse.com/security/cve/CVE-2022-48847.html
* https://www.suse.com/security/cve/CVE-2022-48849.html
* https://www.suse.com/security/cve/CVE-2022-48850.html
* https://www.suse.com/security/cve/CVE-2022-48851.html
* https://www.suse.com/security/cve/CVE-2022-48852.html
* https://www.suse.com/security/cve/CVE-2022-48853.html
* https://www.suse.com/security/cve/CVE-2022-48855.html
* https://www.suse.com/security/cve/CVE-2022-48856.html
* https://www.suse.com/security/cve/CVE-2022-48857.html
* https://www.suse.com/security/cve/CVE-2022-48858.html
* https://www.suse.com/security/cve/CVE-2022-48859.html
* https://www.suse.com/security/cve/CVE-2022-48860.html
* https://www.suse.com/security/cve/CVE-2022-48861.html
* https://www.suse.com/security/cve/CVE-2022-48862.html
* https://www.suse.com/security/cve/CVE-2022-48863.html
* https://www.suse.com/security/cve/CVE-2022-48864.html
* https://www.suse.com/security/cve/CVE-2022-48866.html
* https://www.suse.com/security/cve/CVE-2023-1582.html
* https://www.suse.com/security/cve/CVE-2023-37453.html
* https://www.suse.com/security/cve/CVE-2023-52435.html
* https://www.suse.com/security/cve/CVE-2023-52573.html
* https://www.suse.com/security/cve/CVE-2023-52580.html
* https://www.suse.com/security/cve/CVE-2023-52591.html
* https://www.suse.com/security/cve/CVE-2023-52735.html
* https://www.suse.com/security/cve/CVE-2023-52751.html
* https://www.suse.com/security/cve/CVE-2023-52762.html
* https://www.suse.com/security/cve/CVE-2023-52775.html
* https://www.suse.com/security/cve/CVE-2023-52812.html
* https://www.suse.com/security/cve/CVE-2023-52857.html
* https://www.suse.com/security/cve/CVE-2023-52863.html
* https://www.suse.com/security/cve/CVE-2023-52885.html
* https://www.suse.com/security/cve/CVE-2023-52886.html
* https://www.suse.com/security/cve/CVE-2024-25741.html
* https://www.suse.com/security/cve/CVE-2024-26583.html
* https://www.suse.com/security/cve/CVE-2024-26584.html
* https://www.suse.com/security/cve/CVE-2024-26585.html
* https://www.suse.com/security/cve/CVE-2024-26615.html
* https://www.suse.com/security/cve/CVE-2024-26633.html
* https://www.suse.com/security/cve/CVE-2024-26635.html
* https://www.suse.com/security/cve/CVE-2024-26636.html
* https://www.suse.com/security/cve/CVE-2024-26641.html
* https://www.suse.com/security/cve/CVE-2024-26661.html
* https://www.suse.com/security/cve/CVE-2024-26663.html
* https://www.suse.com/security/cve/CVE-2024-26665.html
* https://www.suse.com/security/cve/CVE-2024-26800.html
* https://www.suse.com/security/cve/CVE-2024-26802.html
* https://www.suse.com/security/cve/CVE-2024-26813.html
* https://www.suse.com/security/cve/CVE-2024-26814.html
* https://www.suse.com/security/cve/CVE-2024-26863.html
* https://www.suse.com/security/cve/CVE-2024-26889.html
* https://www.suse.com/security/cve/CVE-2024-26920.html
* https://www.suse.com/security/cve/CVE-2024-26935.html
* https://www.suse.com/security/cve/CVE-2024-269355.html
* https://www.suse.com/security/cve/CVE-2024-26961.html
* https://www.suse.com/security/cve/CVE-2024-26976.html
* https://www.suse.com/security/cve/CVE-2024-27015.html
* https://www.suse.com/security/cve/CVE-2024-27019.html
* https://www.suse.com/security/cve/CVE-2024-27020.html
* https://www.suse.com/security/cve/CVE-2024-27025.html
* https://www.suse.com/security/cve/CVE-2024-27065.html
* https://www.suse.com/security/cve/CVE-2024-27402.html
* https://www.suse.com/security/cve/CVE-2024-27437.html
* https://www.suse.com/security/cve/CVE-2024-35805.html
* https://www.suse.com/security/cve/CVE-2024-35819.html
* https://www.suse.com/security/cve/CVE-2024-35837.html
* https://www.suse.com/security/cve/CVE-2024-35853.html
* https://www.suse.com/security/cve/CVE-2024-35854.html
* https://www.suse.com/security/cve/CVE-2024-35855.html
* https://www.suse.com/security/cve/CVE-2024-35889.html
* https://www.suse.com/security/cve/CVE-2024-35890.html
* https://www.suse.com/security/cve/CVE-2024-35893.html
* https://www.suse.com/security/cve/CVE-2024-35899.html
* https://www.suse.com/security/cve/CVE-2024-35934.html
* https://www.suse.com/security/cve/CVE-2024-35949.html
* https://www.suse.com/security/cve/CVE-2024-35961.html
* https://www.suse.com/security/cve/CVE-2024-35979.html
* https://www.suse.com/security/cve/CVE-2024-35995.html
* https://www.suse.com/security/cve/CVE-2024-36000.html
* https://www.suse.com/security/cve/CVE-2024-36004.html
* https://www.suse.com/security/cve/CVE-2024-36288.html
* https://www.suse.com/security/cve/CVE-2024-36889.html
* https://www.suse.com/security/cve/CVE-2024-36901.html
* https://www.suse.com/security/cve/CVE-2024-36902.html
* https://www.suse.com/security/cve/CVE-2024-36909.html
* https://www.suse.com/security/cve/CVE-2024-36910.html
* https://www.suse.com/security/cve/CVE-2024-36911.html
* https://www.suse.com/security/cve/CVE-2024-36912.html
* https://www.suse.com/security/cve/CVE-2024-36913.html
* https://www.suse.com/security/cve/CVE-2024-36914.html
* https://www.suse.com/security/cve/CVE-2024-36919.html
* https://www.suse.com/security/cve/CVE-2024-36923.html
* https://www.suse.com/security/cve/CVE-2024-36924.html
* https://www.suse.com/security/cve/CVE-2024-36926.html
* https://www.suse.com/security/cve/CVE-2024-36939.html
* https://www.suse.com/security/cve/CVE-2024-36941.html
* https://www.suse.com/security/cve/CVE-2024-36942.html
* https://www.suse.com/security/cve/CVE-2024-36944.html
* https://www.suse.com/security/cve/CVE-2024-36946.html
* https://www.suse.com/security/cve/CVE-2024-36947.html
* https://www.suse.com/security/cve/CVE-2024-36950.html
* https://www.suse.com/security/cve/CVE-2024-36952.html
* https://www.suse.com/security/cve/CVE-2024-36955.html
* https://www.suse.com/security/cve/CVE-2024-36959.html
* https://www.suse.com/security/cve/CVE-2024-36974.html
* https://www.suse.com/security/cve/CVE-2024-38548.html
* https://www.suse.com/security/cve/CVE-2024-38555.html
* https://www.suse.com/security/cve/CVE-2024-38558.html
* https://www.suse.com/security/cve/CVE-2024-38559.html
* https://www.suse.com/security/cve/CVE-2024-38570.html
* https://www.suse.com/security/cve/CVE-2024-38586.html
* https://www.suse.com/security/cve/CVE-2024-38588.html
* https://www.suse.com/security/cve/CVE-2024-38598.html
* https://www.suse.com/security/cve/CVE-2024-38628.html
* https://www.suse.com/security/cve/CVE-2024-39276.html
* https://www.suse.com/security/cve/CVE-2024-39371.html
* https://www.suse.com/security/cve/CVE-2024-39463.html
* https://www.suse.com/security/cve/CVE-2024-39472.html
* https://www.suse.com/security/cve/CVE-2024-39475.html
* https://www.suse.com/security/cve/CVE-2024-39482.html
* https://www.suse.com/security/cve/CVE-2024-39487.html
* https://www.suse.com/security/cve/CVE-2024-39488.html
* https://www.suse.com/security/cve/CVE-2024-39490.html
* https://www.suse.com/security/cve/CVE-2024-39493.html
* https://www.suse.com/security/cve/CVE-2024-39494.html
* https://www.suse.com/security/cve/CVE-2024-39497.html
* https://www.suse.com/security/cve/CVE-2024-39499.html
* https://www.suse.com/security/cve/CVE-2024-39500.html
* https://www.suse.com/security/cve/CVE-2024-39501.html
* https://www.suse.com/security/cve/CVE-2024-39502.html
* https://www.suse.com/security/cve/CVE-2024-39505.html
* https://www.suse.com/security/cve/CVE-2024-39506.html
* https://www.suse.com/security/cve/CVE-2024-39507.html
* https://www.suse.com/security/cve/CVE-2024-39508.html
* https://www.suse.com/security/cve/CVE-2024-39509.html
* https://www.suse.com/security/cve/CVE-2024-40900.html
* https://www.suse.com/security/cve/CVE-2024-40901.html
* https://www.suse.com/security/cve/CVE-2024-40902.html
* https://www.suse.com/security/cve/CVE-2024-40903.html
* https://www.suse.com/security/cve/CVE-2024-40904.html
* https://www.suse.com/security/cve/CVE-2024-40906.html
* https://www.suse.com/security/cve/CVE-2024-40908.html
* https://www.suse.com/security/cve/CVE-2024-40909.html
* https://www.suse.com/security/cve/CVE-2024-40911.html
* https://www.suse.com/security/cve/CVE-2024-40912.html
* https://www.suse.com/security/cve/CVE-2024-40916.html
* https://www.suse.com/security/cve/CVE-2024-40919.html
* https://www.suse.com/security/cve/CVE-2024-40923.html
* https://www.suse.com/security/cve/CVE-2024-40924.html
* https://www.suse.com/security/cve/CVE-2024-40927.html
* https://www.suse.com/security/cve/CVE-2024-40929.html
* https://www.suse.com/security/cve/CVE-2024-40931.html
* https://www.suse.com/security/cve/CVE-2024-40932.html
* https://www.suse.com/security/cve/CVE-2024-40934.html
* https://www.suse.com/security/cve/CVE-2024-40935.html
* https://www.suse.com/security/cve/CVE-2024-40937.html
* https://www.suse.com/security/cve/CVE-2024-40940.html
* https://www.suse.com/security/cve/CVE-2024-40941.html
* https://www.suse.com/security/cve/CVE-2024-40942.html
* https://www.suse.com/security/cve/CVE-2024-40943.html
* https://www.suse.com/security/cve/CVE-2024-40945.html
* https://www.suse.com/security/cve/CVE-2024-40953.html
* https://www.suse.com/security/cve/CVE-2024-40954.html
* https://www.suse.com/security/cve/CVE-2024-40956.html
* https://www.suse.com/security/cve/CVE-2024-40958.html
* https://www.suse.com/security/cve/CVE-2024-40959.html
* https://www.suse.com/security/cve/CVE-2024-40960.html
* https://www.suse.com/security/cve/CVE-2024-40961.html
* https://www.suse.com/security/cve/CVE-2024-40966.html
* https://www.suse.com/security/cve/CVE-2024-40967.html
* https://www.suse.com/security/cve/CVE-2024-40970.html
* https://www.suse.com/security/cve/CVE-2024-40972.html
* https://www.suse.com/security/cve/CVE-2024-40976.html
* https://www.suse.com/security/cve/CVE-2024-40977.html
* https://www.suse.com/security/cve/CVE-2024-40981.html
* https://www.suse.com/security/cve/CVE-2024-40982.html
* https://www.suse.com/security/cve/CVE-2024-40984.html
* https://www.suse.com/security/cve/CVE-2024-40987.html
* https://www.suse.com/security/cve/CVE-2024-40988.html
* https://www.suse.com/security/cve/CVE-2024-40989.html
* https://www.suse.com/security/cve/CVE-2024-40990.html
* https://www.suse.com/security/cve/CVE-2024-40994.html
* https://www.suse.com/security/cve/CVE-2024-40998.html
* https://www.suse.com/security/cve/CVE-2024-40999.html
* https://www.suse.com/security/cve/CVE-2024-41002.html
* https://www.suse.com/security/cve/CVE-2024-41004.html
* https://www.suse.com/security/cve/CVE-2024-41006.html
* https://www.suse.com/security/cve/CVE-2024-41009.html
* https://www.suse.com/security/cve/CVE-2024-41011.html
* https://www.suse.com/security/cve/CVE-2024-41012.html
* https://www.suse.com/security/cve/CVE-2024-41013.html
* https://www.suse.com/security/cve/CVE-2024-41014.html
* https://www.suse.com/security/cve/CVE-2024-41015.html
* https://www.suse.com/security/cve/CVE-2024-41016.html
* https://www.suse.com/security/cve/CVE-2024-41017.html
* https://www.suse.com/security/cve/CVE-2024-41040.html
* https://www.suse.com/security/cve/CVE-2024-41041.html
* https://www.suse.com/security/cve/CVE-2024-41044.html
* https://www.suse.com/security/cve/CVE-2024-41048.html
* https://www.suse.com/security/cve/CVE-2024-41057.html
* https://www.suse.com/security/cve/CVE-2024-41058.html
* https://www.suse.com/security/cve/CVE-2024-41059.html
* https://www.suse.com/security/cve/CVE-2024-41063.html
* https://www.suse.com/security/cve/CVE-2024-41064.html
* https://www.suse.com/security/cve/CVE-2024-41066.html
* https://www.suse.com/security/cve/CVE-2024-41069.html
* https://www.suse.com/security/cve/CVE-2024-41070.html
* https://www.suse.com/security/cve/CVE-2024-41071.html
* https://www.suse.com/security/cve/CVE-2024-41072.html
* https://www.suse.com/security/cve/CVE-2024-41076.html
* https://www.suse.com/security/cve/CVE-2024-41078.html
* https://www.suse.com/security/cve/CVE-2024-41081.html
* https://www.suse.com/security/cve/CVE-2024-41087.html
* https://www.suse.com/security/cve/CVE-2024-41090.html
* https://www.suse.com/security/cve/CVE-2024-41091.html
* https://www.suse.com/security/cve/CVE-2024-42070.html
* https://www.suse.com/security/cve/CVE-2024-42079.html
* https://www.suse.com/security/cve/CVE-2024-42093.html
* https://www.suse.com/security/cve/CVE-2024-42096.html
* https://www.suse.com/security/cve/CVE-2024-42105.html
* https://www.suse.com/security/cve/CVE-2024-42122.html
* https://www.suse.com/security/cve/CVE-2024-42124.html
* https://www.suse.com/security/cve/CVE-2024-42145.html
* https://www.suse.com/security/cve/CVE-2024-42161.html
* https://www.suse.com/security/cve/CVE-2024-42224.html
* https://www.suse.com/security/cve/CVE-2024-42230.html
* https://bugzilla.suse.com/show_bug.cgi?id=1082555
* https://bugzilla.suse.com/show_bug.cgi?id=1193454
* https://bugzilla.suse.com/show_bug.cgi?id=1193554
* https://bugzilla.suse.com/show_bug.cgi?id=1193787
* https://bugzilla.suse.com/show_bug.cgi?id=1194324
* https://bugzilla.suse.com/show_bug.cgi?id=1194869
* https://bugzilla.suse.com/show_bug.cgi?id=1195357
* https://bugzilla.suse.com/show_bug.cgi?id=1195668
* https://bugzilla.suse.com/show_bug.cgi?id=1195927
* https://bugzilla.suse.com/show_bug.cgi?id=1195957
* https://bugzilla.suse.com/show_bug.cgi?id=1196018
* https://bugzilla.suse.com/show_bug.cgi?id=1196823
* https://bugzilla.suse.com/show_bug.cgi?id=1197146
* https://bugzilla.suse.com/show_bug.cgi?id=1197246
* https://bugzilla.suse.com/show_bug.cgi?id=1197762
* https://bugzilla.suse.com/show_bug.cgi?id=1202346
* https://bugzilla.suse.com/show_bug.cgi?id=1202686
* https://bugzilla.suse.com/show_bug.cgi?id=1208783
* https://bugzilla.suse.com/show_bug.cgi?id=1209636
* https://bugzilla.suse.com/show_bug.cgi?id=1213123
* https://bugzilla.suse.com/show_bug.cgi?id=1215492
* https://bugzilla.suse.com/show_bug.cgi?id=1215587
* https://bugzilla.suse.com/show_bug.cgi?id=1216834
* https://bugzilla.suse.com/show_bug.cgi?id=1219832
* https://bugzilla.suse.com/show_bug.cgi?id=1220138
* https://bugzilla.suse.com/show_bug.cgi?id=1220185
* https://bugzilla.suse.com/show_bug.cgi?id=1220186
* https://bugzilla.suse.com/show_bug.cgi?id=1220187
* https://bugzilla.suse.com/show_bug.cgi?id=1220869
* https://bugzilla.suse.com/show_bug.cgi?id=1220876
* https://bugzilla.suse.com/show_bug.cgi?id=1220942
* https://bugzilla.suse.com/show_bug.cgi?id=1220952
* https://bugzilla.suse.com/show_bug.cgi?id=1221010
* https://bugzilla.suse.com/show_bug.cgi?id=1221044
* https://bugzilla.suse.com/show_bug.cgi?id=1221647
* https://bugzilla.suse.com/show_bug.cgi?id=1221654
* https://bugzilla.suse.com/show_bug.cgi?id=1221656
* https://bugzilla.suse.com/show_bug.cgi?id=1221659
* https://bugzilla.suse.com/show_bug.cgi?id=1221777
* https://bugzilla.suse.com/show_bug.cgi?id=1222011
* https://bugzilla.suse.com/show_bug.cgi?id=1222323
* https://bugzilla.suse.com/show_bug.cgi?id=1222326
* https://bugzilla.suse.com/show_bug.cgi?id=1222328
* https://bugzilla.suse.com/show_bug.cgi?id=1222625
* https://bugzilla.suse.com/show_bug.cgi?id=1222702
* https://bugzilla.suse.com/show_bug.cgi?id=1222728
* https://bugzilla.suse.com/show_bug.cgi?id=1222799
* https://bugzilla.suse.com/show_bug.cgi?id=1222809
* https://bugzilla.suse.com/show_bug.cgi?id=1222810
* https://bugzilla.suse.com/show_bug.cgi?id=1223021
* https://bugzilla.suse.com/show_bug.cgi?id=1223180
* https://bugzilla.suse.com/show_bug.cgi?id=1223635
* https://bugzilla.suse.com/show_bug.cgi?id=1223652
* https://bugzilla.suse.com/show_bug.cgi?id=1223675
* https://bugzilla.suse.com/show_bug.cgi?id=1223778
* https://bugzilla.suse.com/show_bug.cgi?id=1223806
* https://bugzilla.suse.com/show_bug.cgi?id=1223813
* https://bugzilla.suse.com/show_bug.cgi?id=1223815
* https://bugzilla.suse.com/show_bug.cgi?id=1223836
* https://bugzilla.suse.com/show_bug.cgi?id=1223863
* https://bugzilla.suse.com/show_bug.cgi?id=1224414
* https://bugzilla.suse.com/show_bug.cgi?id=1224499
* https://bugzilla.suse.com/show_bug.cgi?id=1224500
* https://bugzilla.suse.com/show_bug.cgi?id=1224512
* https://bugzilla.suse.com/show_bug.cgi?id=1224516
* https://bugzilla.suse.com/show_bug.cgi?id=1224517
* https://bugzilla.suse.com/show_bug.cgi?id=1224545
* https://bugzilla.suse.com/show_bug.cgi?id=1224548
* https://bugzilla.suse.com/show_bug.cgi?id=1224557
* https://bugzilla.suse.com/show_bug.cgi?id=1224572
* https://bugzilla.suse.com/show_bug.cgi?id=1224573
* https://bugzilla.suse.com/show_bug.cgi?id=1224585
* https://bugzilla.suse.com/show_bug.cgi?id=1224604
* https://bugzilla.suse.com/show_bug.cgi?id=1224636
* https://bugzilla.suse.com/show_bug.cgi?id=1224641
* https://bugzilla.suse.com/show_bug.cgi?id=1224683
* https://bugzilla.suse.com/show_bug.cgi?id=1224694
* https://bugzilla.suse.com/show_bug.cgi?id=1224700
* https://bugzilla.suse.com/show_bug.cgi?id=1224743
* https://bugzilla.suse.com/show_bug.cgi?id=1225088
* https://bugzilla.suse.com/show_bug.cgi?id=1225272
* https://bugzilla.suse.com/show_bug.cgi?id=1225301
* https://bugzilla.suse.com/show_bug.cgi?id=1225475
* https://bugzilla.suse.com/show_bug.cgi?id=1225489
* https://bugzilla.suse.com/show_bug.cgi?id=1225504
* https://bugzilla.suse.com/show_bug.cgi?id=1225505
* https://bugzilla.suse.com/show_bug.cgi?id=1225564
* https://bugzilla.suse.com/show_bug.cgi?id=1225573
* https://bugzilla.suse.com/show_bug.cgi?id=1225581
* https://bugzilla.suse.com/show_bug.cgi?id=1225586
* https://bugzilla.suse.com/show_bug.cgi?id=1225711
* https://bugzilla.suse.com/show_bug.cgi?id=1225717
* https://bugzilla.suse.com/show_bug.cgi?id=1225719
* https://bugzilla.suse.com/show_bug.cgi?id=1225744
* https://bugzilla.suse.com/show_bug.cgi?id=1225745
* https://bugzilla.suse.com/show_bug.cgi?id=1225746
* https://bugzilla.suse.com/show_bug.cgi?id=1225752
* https://bugzilla.suse.com/show_bug.cgi?id=1225753
* https://bugzilla.suse.com/show_bug.cgi?id=1225757
* https://bugzilla.suse.com/show_bug.cgi?id=1225767
* https://bugzilla.suse.com/show_bug.cgi?id=1225810
* https://bugzilla.suse.com/show_bug.cgi?id=1225815
* https://bugzilla.suse.com/show_bug.cgi?id=1225820
* https://bugzilla.suse.com/show_bug.cgi?id=1225829
* https://bugzilla.suse.com/show_bug.cgi?id=1225835
* https://bugzilla.suse.com/show_bug.cgi?id=1225838
* https://bugzilla.suse.com/show_bug.cgi?id=1225839
* https://bugzilla.suse.com/show_bug.cgi?id=1225843
* https://bugzilla.suse.com/show_bug.cgi?id=1225847
* https://bugzilla.suse.com/show_bug.cgi?id=1225851
* https://bugzilla.suse.com/show_bug.cgi?id=1225856
* https://bugzilla.suse.com/show_bug.cgi?id=1225895
* https://bugzilla.suse.com/show_bug.cgi?id=1225898
* https://bugzilla.suse.com/show_bug.cgi?id=1225903
* https://bugzilla.suse.com/show_bug.cgi?id=1226202
* https://bugzilla.suse.com/show_bug.cgi?id=1226502
* https://bugzilla.suse.com/show_bug.cgi?id=1226519
* https://bugzilla.suse.com/show_bug.cgi?id=1226551
* https://bugzilla.suse.com/show_bug.cgi?id=1226555
* https://bugzilla.suse.com/show_bug.cgi?id=1226565
* https://bugzilla.suse.com/show_bug.cgi?id=1226568
* https://bugzilla.suse.com/show_bug.cgi?id=1226570
* https://bugzilla.suse.com/show_bug.cgi?id=1226571
* https://bugzilla.suse.com/show_bug.cgi?id=1226574
* https://bugzilla.suse.com/show_bug.cgi?id=1226588
* https://bugzilla.suse.com/show_bug.cgi?id=1226607
* https://bugzilla.suse.com/show_bug.cgi?id=1226650
* https://bugzilla.suse.com/show_bug.cgi?id=1226698
* https://bugzilla.suse.com/show_bug.cgi?id=1226713
* https://bugzilla.suse.com/show_bug.cgi?id=1226716
* https://bugzilla.suse.com/show_bug.cgi?id=1226750
* https://bugzilla.suse.com/show_bug.cgi?id=1226757
* https://bugzilla.suse.com/show_bug.cgi?id=1226758
* https://bugzilla.suse.com/show_bug.cgi?id=1226775
* https://bugzilla.suse.com/show_bug.cgi?id=1226783
* https://bugzilla.suse.com/show_bug.cgi?id=1226785
* https://bugzilla.suse.com/show_bug.cgi?id=1226834
* https://bugzilla.suse.com/show_bug.cgi?id=1226837
* https://bugzilla.suse.com/show_bug.cgi?id=1226911
* https://bugzilla.suse.com/show_bug.cgi?id=1226990
* https://bugzilla.suse.com/show_bug.cgi?id=1226993
* https://bugzilla.suse.com/show_bug.cgi?id=1227090
* https://bugzilla.suse.com/show_bug.cgi?id=1227121
* https://bugzilla.suse.com/show_bug.cgi?id=1227157
* https://bugzilla.suse.com/show_bug.cgi?id=1227162
* https://bugzilla.suse.com/show_bug.cgi?id=1227362
* https://bugzilla.suse.com/show_bug.cgi?id=1227383
* https://bugzilla.suse.com/show_bug.cgi?id=1227432
* https://bugzilla.suse.com/show_bug.cgi?id=1227435
* https://bugzilla.suse.com/show_bug.cgi?id=1227447
* https://bugzilla.suse.com/show_bug.cgi?id=1227487
* https://bugzilla.suse.com/show_bug.cgi?id=1227549
* https://bugzilla.suse.com/show_bug.cgi?id=1227573
* https://bugzilla.suse.com/show_bug.cgi?id=1227618
* https://bugzilla.suse.com/show_bug.cgi?id=1227620
* https://bugzilla.suse.com/show_bug.cgi?id=1227626
* https://bugzilla.suse.com/show_bug.cgi?id=1227635
* https://bugzilla.suse.com/show_bug.cgi?id=1227661
* https://bugzilla.suse.com/show_bug.cgi?id=1227716
* https://bugzilla.suse.com/show_bug.cgi?id=1227722
* https://bugzilla.suse.com/show_bug.cgi?id=1227724
* https://bugzilla.suse.com/show_bug.cgi?id=1227725
* https://bugzilla.suse.com/show_bug.cgi?id=1227728
* https://bugzilla.suse.com/show_bug.cgi?id=1227729
* https://bugzilla.suse.com/show_bug.cgi?id=1227730
* https://bugzilla.suse.com/show_bug.cgi?id=1227732
* https://bugzilla.suse.com/show_bug.cgi?id=1227733
* https://bugzilla.suse.com/show_bug.cgi?id=1227750
* https://bugzilla.suse.com/show_bug.cgi?id=1227754
* https://bugzilla.suse.com/show_bug.cgi?id=1227755
* https://bugzilla.suse.com/show_bug.cgi?id=1227760
* https://bugzilla.suse.com/show_bug.cgi?id=1227762
* https://bugzilla.suse.com/show_bug.cgi?id=1227763
* https://bugzilla.suse.com/show_bug.cgi?id=1227764
* https://bugzilla.suse.com/show_bug.cgi?id=1227766
* https://bugzilla.suse.com/show_bug.cgi?id=1227770
* https://bugzilla.suse.com/show_bug.cgi?id=1227771
* https://bugzilla.suse.com/show_bug.cgi?id=1227772
* https://bugzilla.suse.com/show_bug.cgi?id=1227774
* https://bugzilla.suse.com/show_bug.cgi?id=1227779
* https://bugzilla.suse.com/show_bug.cgi?id=1227780
* https://bugzilla.suse.com/show_bug.cgi?id=1227783
* https://bugzilla.suse.com/show_bug.cgi?id=1227786
* https://bugzilla.suse.com/show_bug.cgi?id=1227787
* https://bugzilla.suse.com/show_bug.cgi?id=1227790
* https://bugzilla.suse.com/show_bug.cgi?id=1227792
* https://bugzilla.suse.com/show_bug.cgi?id=1227796
* https://bugzilla.suse.com/show_bug.cgi?id=1227797
* https://bugzilla.suse.com/show_bug.cgi?id=1227798
* https://bugzilla.suse.com/show_bug.cgi?id=1227800
* https://bugzilla.suse.com/show_bug.cgi?id=1227802
* https://bugzilla.suse.com/show_bug.cgi?id=1227806
* https://bugzilla.suse.com/show_bug.cgi?id=1227808
* https://bugzilla.suse.com/show_bug.cgi?id=1227810
* https://bugzilla.suse.com/show_bug.cgi?id=1227812
* https://bugzilla.suse.com/show_bug.cgi?id=1227813
* https://bugzilla.suse.com/show_bug.cgi?id=1227814
* https://bugzilla.suse.com/show_bug.cgi?id=1227816
* https://bugzilla.suse.com/show_bug.cgi?id=1227820
* https://bugzilla.suse.com/show_bug.cgi?id=1227823
* https://bugzilla.suse.com/show_bug.cgi?id=1227824
* https://bugzilla.suse.com/show_bug.cgi?id=1227828
* https://bugzilla.suse.com/show_bug.cgi?id=1227829
* https://bugzilla.suse.com/show_bug.cgi?id=1227836
* https://bugzilla.suse.com/show_bug.cgi?id=1227846
* https://bugzilla.suse.com/show_bug.cgi?id=1227849
* https://bugzilla.suse.com/show_bug.cgi?id=1227851
* https://bugzilla.suse.com/show_bug.cgi?id=1227862
* https://bugzilla.suse.com/show_bug.cgi?id=1227864
* https://bugzilla.suse.com/show_bug.cgi?id=1227865
* https://bugzilla.suse.com/show_bug.cgi?id=1227866
* https://bugzilla.suse.com/show_bug.cgi?id=1227870
* https://bugzilla.suse.com/show_bug.cgi?id=1227884
* https://bugzilla.suse.com/show_bug.cgi?id=1227886
* https://bugzilla.suse.com/show_bug.cgi?id=1227891
* https://bugzilla.suse.com/show_bug.cgi?id=1227893
* https://bugzilla.suse.com/show_bug.cgi?id=1227899
* https://bugzilla.suse.com/show_bug.cgi?id=1227900
* https://bugzilla.suse.com/show_bug.cgi?id=1227910
* https://bugzilla.suse.com/show_bug.cgi?id=1227913
* https://bugzilla.suse.com/show_bug.cgi?id=1227917
* https://bugzilla.suse.com/show_bug.cgi?id=1227919
* https://bugzilla.suse.com/show_bug.cgi?id=1227920
* https://bugzilla.suse.com/show_bug.cgi?id=1227921
* https://bugzilla.suse.com/show_bug.cgi?id=1227922
* https://bugzilla.suse.com/show_bug.cgi?id=1227923
* https://bugzilla.suse.com/show_bug.cgi?id=1227924
* https://bugzilla.suse.com/show_bug.cgi?id=1227925
* https://bugzilla.suse.com/show_bug.cgi?id=1227927
* https://bugzilla.suse.com/show_bug.cgi?id=1227928
* https://bugzilla.suse.com/show_bug.cgi?id=1227931
* https://bugzilla.suse.com/show_bug.cgi?id=1227932
* https://bugzilla.suse.com/show_bug.cgi?id=1227933
* https://bugzilla.suse.com/show_bug.cgi?id=1227935
* https://bugzilla.suse.com/show_bug.cgi?id=1227936
* https://bugzilla.suse.com/show_bug.cgi?id=1227938
* https://bugzilla.suse.com/show_bug.cgi?id=1227941
* https://bugzilla.suse.com/show_bug.cgi?id=1227942
* https://bugzilla.suse.com/show_bug.cgi?id=1227944
* https://bugzilla.suse.com/show_bug.cgi?id=1227945
* https://bugzilla.suse.com/show_bug.cgi?id=1227947
* https://bugzilla.suse.com/show_bug.cgi?id=1227948
* https://bugzilla.suse.com/show_bug.cgi?id=1227949
* https://bugzilla.suse.com/show_bug.cgi?id=1227950
* https://bugzilla.suse.com/show_bug.cgi?id=1227952
* https://bugzilla.suse.com/show_bug.cgi?id=1227953
* https://bugzilla.suse.com/show_bug.cgi?id=1227954
* https://bugzilla.suse.com/show_bug.cgi?id=1227956
* https://bugzilla.suse.com/show_bug.cgi?id=1227957
* https://bugzilla.suse.com/show_bug.cgi?id=1227963
* https://bugzilla.suse.com/show_bug.cgi?id=1227964
* https://bugzilla.suse.com/show_bug.cgi?id=1227965
* https://bugzilla.suse.com/show_bug.cgi?id=1227968
* https://bugzilla.suse.com/show_bug.cgi?id=1227969
* https://bugzilla.suse.com/show_bug.cgi?id=1227970
* https://bugzilla.suse.com/show_bug.cgi?id=1227971
* https://bugzilla.suse.com/show_bug.cgi?id=1227972
* https://bugzilla.suse.com/show_bug.cgi?id=1227975
* https://bugzilla.suse.com/show_bug.cgi?id=1227976
* https://bugzilla.suse.com/show_bug.cgi?id=1227981
* https://bugzilla.suse.com/show_bug.cgi?id=1227982
* https://bugzilla.suse.com/show_bug.cgi?id=1227985
* https://bugzilla.suse.com/show_bug.cgi?id=1227986
* https://bugzilla.suse.com/show_bug.cgi?id=1227987
* https://bugzilla.suse.com/show_bug.cgi?id=1227988
* https://bugzilla.suse.com/show_bug.cgi?id=1227989
* https://bugzilla.suse.com/show_bug.cgi?id=1227990
* https://bugzilla.suse.com/show_bug.cgi?id=1227991
* https://bugzilla.suse.com/show_bug.cgi?id=1227992
* https://bugzilla.suse.com/show_bug.cgi?id=1227993
* https://bugzilla.suse.com/show_bug.cgi?id=1227995
* https://bugzilla.suse.com/show_bug.cgi?id=1227996
* https://bugzilla.suse.com/show_bug.cgi?id=1227997
* https://bugzilla.suse.com/show_bug.cgi?id=1228000
* https://bugzilla.suse.com/show_bug.cgi?id=1228002
* https://bugzilla.suse.com/show_bug.cgi?id=1228003
* https://bugzilla.suse.com/show_bug.cgi?id=1228004
* https://bugzilla.suse.com/show_bug.cgi?id=1228005
* https://bugzilla.suse.com/show_bug.cgi?id=1228006
* https://bugzilla.suse.com/show_bug.cgi?id=1228007
* https://bugzilla.suse.com/show_bug.cgi?id=1228008
* https://bugzilla.suse.com/show_bug.cgi?id=1228009
* https://bugzilla.suse.com/show_bug.cgi?id=1228010
* https://bugzilla.suse.com/show_bug.cgi?id=1228011
* https://bugzilla.suse.com/show_bug.cgi?id=1228013
* https://bugzilla.suse.com/show_bug.cgi?id=1228014
* https://bugzilla.suse.com/show_bug.cgi?id=1228015
* https://bugzilla.suse.com/show_bug.cgi?id=1228019
* https://bugzilla.suse.com/show_bug.cgi?id=1228020
* https://bugzilla.suse.com/show_bug.cgi?id=1228025
* https://bugzilla.suse.com/show_bug.cgi?id=1228028
* https://bugzilla.suse.com/show_bug.cgi?id=1228035
* https://bugzilla.suse.com/show_bug.cgi?id=1228037
* https://bugzilla.suse.com/show_bug.cgi?id=1228038
* https://bugzilla.suse.com/show_bug.cgi?id=1228039
* https://bugzilla.suse.com/show_bug.cgi?id=1228040
* https://bugzilla.suse.com/show_bug.cgi?id=1228045
* https://bugzilla.suse.com/show_bug.cgi?id=1228054
* https://bugzilla.suse.com/show_bug.cgi?id=1228055
* https://bugzilla.suse.com/show_bug.cgi?id=1228056
* https://bugzilla.suse.com/show_bug.cgi?id=1228060
* https://bugzilla.suse.com/show_bug.cgi?id=1228061
* https://bugzilla.suse.com/show_bug.cgi?id=1228062
* https://bugzilla.suse.com/show_bug.cgi?id=1228063
* https://bugzilla.suse.com/show_bug.cgi?id=1228064
* https://bugzilla.suse.com/show_bug.cgi?id=1228066
* https://bugzilla.suse.com/show_bug.cgi?id=1228067
* https://bugzilla.suse.com/show_bug.cgi?id=1228068
* https://bugzilla.suse.com/show_bug.cgi?id=1228071
* https://bugzilla.suse.com/show_bug.cgi?id=1228079
* https://bugzilla.suse.com/show_bug.cgi?id=1228090
* https://bugzilla.suse.com/show_bug.cgi?id=1228114
* https://bugzilla.suse.com/show_bug.cgi?id=1228140
* https://bugzilla.suse.com/show_bug.cgi?id=1228190
* https://bugzilla.suse.com/show_bug.cgi?id=1228191
* https://bugzilla.suse.com/show_bug.cgi?id=1228195
* https://bugzilla.suse.com/show_bug.cgi?id=1228202
* https://bugzilla.suse.com/show_bug.cgi?id=1228226
* https://bugzilla.suse.com/show_bug.cgi?id=1228235
* https://bugzilla.suse.com/show_bug.cgi?id=1228237
* https://bugzilla.suse.com/show_bug.cgi?id=1228247
* https://bugzilla.suse.com/show_bug.cgi?id=1228327
* https://bugzilla.suse.com/show_bug.cgi?id=1228328
* https://bugzilla.suse.com/show_bug.cgi?id=1228330
* https://bugzilla.suse.com/show_bug.cgi?id=1228403
* https://bugzilla.suse.com/show_bug.cgi?id=1228405
* https://bugzilla.suse.com/show_bug.cgi?id=1228408
* https://bugzilla.suse.com/show_bug.cgi?id=1228409
* https://bugzilla.suse.com/show_bug.cgi?id=1228410
* https://bugzilla.suse.com/show_bug.cgi?id=1228418
* https://bugzilla.suse.com/show_bug.cgi?id=1228440
* https://bugzilla.suse.com/show_bug.cgi?id=1228459
* https://bugzilla.suse.com/show_bug.cgi?id=1228462
* https://bugzilla.suse.com/show_bug.cgi?id=1228470
* https://bugzilla.suse.com/show_bug.cgi?id=1228518
* https://bugzilla.suse.com/show_bug.cgi?id=1228520
* https://bugzilla.suse.com/show_bug.cgi?id=1228530
* https://bugzilla.suse.com/show_bug.cgi?id=1228561
* https://bugzilla.suse.com/show_bug.cgi?id=1228565
* https://bugzilla.suse.com/show_bug.cgi?id=1228580
* https://bugzilla.suse.com/show_bug.cgi?id=1228581
* https://bugzilla.suse.com/show_bug.cgi?id=1228591
* https://bugzilla.suse.com/show_bug.cgi?id=1228599
* https://bugzilla.suse.com/show_bug.cgi?id=1228617
* https://bugzilla.suse.com/show_bug.cgi?id=1228625
* https://bugzilla.suse.com/show_bug.cgi?id=1228626
* https://bugzilla.suse.com/show_bug.cgi?id=1228633
* https://bugzilla.suse.com/show_bug.cgi?id=1228640
* https://bugzilla.suse.com/show_bug.cgi?id=1228644
* https://bugzilla.suse.com/show_bug.cgi?id=1228649
* https://bugzilla.suse.com/show_bug.cgi?id=1228655
* https://bugzilla.suse.com/show_bug.cgi?id=1228665
* https://bugzilla.suse.com/show_bug.cgi?id=1228672
* https://bugzilla.suse.com/show_bug.cgi?id=1228680
* https://bugzilla.suse.com/show_bug.cgi?id=1228705
* https://bugzilla.suse.com/show_bug.cgi?id=1228723
* https://bugzilla.suse.com/show_bug.cgi?id=1228743
* https://bugzilla.suse.com/show_bug.cgi?id=1228756
* https://bugzilla.suse.com/show_bug.cgi?id=1228801
* https://bugzilla.suse.com/show_bug.cgi?id=1228850
* https://bugzilla.suse.com/show_bug.cgi?id=1228857
* https://jira.suse.com/browse/PED-8582
* https://jira.suse.com/browse/PED-8690



SUSE-SU-2024:2776-1: moderate: Security update for dri3proto, presentproto, wayland-protocols, xwayland


# Security update for dri3proto, presentproto, wayland-protocols, xwayland

Announcement ID: SUSE-SU-2024:2776-1
Rating: moderate
References:

* bsc#1219892
* bsc#1222309
* bsc#1222310
* bsc#1222312
* bsc#1222442
* jsc#PED-9498

Cross-References:

* CVE-2024-31080
* CVE-2024-31081
* CVE-2024-31083

CVSS scores:

* CVE-2024-31080 ( SUSE ): 7.6 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
* CVE-2024-31081 ( SUSE ): 7.6 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
* CVE-2024-31083 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* Development Tools Module 15-SP5
* Development Tools Module 15-SP6
* openSUSE Leap 15.5
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Linux Enterprise Workstation Extension 15 SP6
* SUSE Package Hub 15 15-SP6

An update that solves three vulnerabilities, contains one feature and has two
security fixes can now be installed.

## Description:

This update for dri3proto, presentproto, wayland-protocols, xwayland fixes the
following issues:

Changes in presentproto:

* update to version 1.4 (patch generated from xorgproto-2024.1 sources)

Changes in wayland-protocols:

* Update to version 1.36:

* xdg-dialog: fix missing namespace in protocol name

* Changes from version 1.35:

* cursor-shape-v1: Does not advertises the list of supported cursors

* xdg-shell: add missing enum attribute to set_constraint_adjustment
* xdg-shell: recommend against drawing decorations when tiled
* tablet-v2: mark as stable
* staging: add alpha-modifier protocol

* Update to 1.36

* Fix to the xdg dialog protocol

* tablet-v2 protocol is now stable
* alpha-modifier: new protocol
* Bug fix to the cursor shape documentation
* The xdg-shell protocol now also explicitly recommends against drawing
decorations outside of the window geometry when tiled

* Update to 1.34:

* xdg-dialog: new protocol

* xdg-toplevel-drag: new protocol
* Fix typo in ext-foreign-toplevel-list-v1
* tablet-v2: clarify that name/id events are optional
* linux-drm-syncobj-v1: new protocol
* linux-explicit-synchronization-v1: add linux-drm-syncobj note

* Update to version 1.33:

* xdg-shell: Clarify what a toplevel by default includes

* linux-dmabuf: sync changes from unstable to stable
* linux-dmabuf: require all planes to use the same modifier
* presentation-time: stop referring to Linux/glibc
* security-context-v1: Make sandbox engine names use reverse-DNS
* xdg-decoration: remove ambiguous wording in configure event
* xdg-decoration: fix configure event summary
* linux-dmabuf: mark as stable
* linux-dmabuf: add note about implicit sync
* security-context-v1: Document what can be done with the open sockets
* security-context-v1: Document out of band metadata for flatpak

Changes in dri3proto:

* update to version 1.4 (patch generated from xorgproto-2024.1 sources)

Changes in xwayland:

* Update to bugfix release 24.1.1 for the current stable 24.1 branch of
Xwayland

* xwayland: fix segment fault in `xwl_glamor_gbm_init_main_dev`

* os: Explicitly include X11/Xmd.h for CARD32 definition to fix building on
i686
* present: On *BSD, epoll-shim is needed to emulate eventfd()
* xwayland: Stop on first unmapped child
* xwayland/window-buffers: Promote xwl_window_buffer
* xwayland/window-buffers: Add xwl_window_buffer_release()
* xwayland/glamor/gbm: Copy explicit sync code to GLAMOR/GBM
* xwayland/window-buffers: Use synchronization from GLAMOR/GBM
* xwayland/window-buffers: Do not always set syncpnts
* xwayland/window-buffers: Move code to submit pixmaps
* xwayland/window-buffers: Set syncpnts for all pixmaps
* xwayland: Move xwl_window disposal to its own function
* xwayland: Make sure we do not leak xwl_window on destroy
* wayland/window-buffers: Move buffer disposal to its own function
* xwayland/window-buffers: optionally force disposal
* wayland: Force disposal of windows buffers for root on destroy
* xwayland: Check for pointer in xwl_seat_leave_ptr()
* xwayland: remove includedir from pkgconfig

* disable DPMS on sle15 due to missing proto package

* Update to feature release 24.1.0

* This fixes a couple of regressions introduced in the previous release
candidate versions along with a fix for XTEST emulation with EI.
* xwayland: Send ei_device_frame on device_scroll_discrete
* xwayland: Restore the ResizeWindow handler
* xwayland: Handle rootful resize in ResizeWindow
* xwayland: Move XRandR emulation to the ResizeWindow hook
* xwayland: Use correct xwl_window lookup function in xwl_set_shape
* eglstreams has been dropped

* Update to bug fix relesae 23.2.7

* m4: drop autoconf leftovers
* xwayland: Send ei_device_frame on device_scroll_discrete
* xwayland: Call drmFreeDevice for dma-buf default feedback
* xwayland: Use drmDevicesEqual in xwl_dmabuf_feedback_tranche_done
* dri3: Free formats in cache_formats_and_modifiers
* xwayland/glamor: Handle depth 15 in gbm_format_for_depth
* Revert "xwayland/glamor: Avoid implicit redirection with depth 32 parent
windows"
* xwayland: Check for outputs before lease devices
* xwayland: Do not remove output on withdraw if leased

* Update to 23.2.6

* This is a quick bug fix release to address a regression introduced by the
fix for CVE-2024-31083 in xwayland-23.2.5.

* Security update 23.2.5

This release contains the 3 security fixes that actually apply to Xwayland
reported in the security advisory of April 3rd 2024

* CVE-2024-31080
* CVE-2024-31081
* CVE-2024-31083

Additionally, it also contains a couple of other fixes, a copy/paste error in
the DeviceStateNotify event and a fix to enable buttons with pointer gestures
for backward compatibility with legacy X11 clients.

* Don't provide xorg-x11-server-source
* xwayland sources are not meant for a generic server.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
zypper in -t patch SUSE-2024-2776=1 openSUSE-SLE-15.6-2024-2776=1

* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2024-2776=1

* Development Tools Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2024-2776=1

* Development Tools Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2024-2776=1

* SUSE Package Hub 15 15-SP6
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-2776=1

* SUSE Linux Enterprise Workstation Extension 15 SP6
zypper in -t patch SUSE-SLE-Product-WE-15-SP6-2024-2776=1

## Package List:

* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
* xwayland-devel-24.1.1-150600.5.3.1
* xwayland-debuginfo-24.1.1-150600.5.3.1
* xwayland-debugsource-24.1.1-150600.5.3.1
* xwayland-24.1.1-150600.5.3.1
* presentproto-devel-1.3-150600.3.3.1
* openSUSE Leap 15.6 (noarch)
* wayland-protocols-devel-1.36-150600.4.3.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
* dri3proto-devel-1.2-150100.6.3.1
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
* dri3proto-devel-1.2-150100.6.3.1
* Development Tools Module 15-SP5 (aarch64 ppc64le s390x x86_64)
* dri3proto-devel-1.2-150100.6.3.1
* Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* dri3proto-devel-1.2-150100.6.3.1
* presentproto-devel-1.3-150600.3.3.1
* SUSE Package Hub 15 15-SP6 (noarch)
* wayland-protocols-devel-1.36-150600.4.3.1
* SUSE Linux Enterprise Workstation Extension 15 SP6 (x86_64)
* xwayland-debugsource-24.1.1-150600.5.3.1
* xwayland-24.1.1-150600.5.3.1
* xwayland-debuginfo-24.1.1-150600.5.3.1

## References:

* https://www.suse.com/security/cve/CVE-2024-31080.html
* https://www.suse.com/security/cve/CVE-2024-31081.html
* https://www.suse.com/security/cve/CVE-2024-31083.html
* https://bugzilla.suse.com/show_bug.cgi?id=1219892
* https://bugzilla.suse.com/show_bug.cgi?id=1222309
* https://bugzilla.suse.com/show_bug.cgi?id=1222310
* https://bugzilla.suse.com/show_bug.cgi?id=1222312
* https://bugzilla.suse.com/show_bug.cgi?id=1222442
* https://jira.suse.com/browse/PED-9498



SUSE-SU-2024:2948-1: important: Security update for the Linux Kernel


# Security update for the Linux Kernel

Announcement ID: SUSE-SU-2024:2948-1
Rating: important
References:

* bsc#1065729
* bsc#1179610
* bsc#1186463
* bsc#1216834
* bsc#1218820
* bsc#1220185
* bsc#1220186
* bsc#1220187
* bsc#1221539
* bsc#1222728
* bsc#1222824
* bsc#1223863
* bsc#1224918
* bsc#1225404
* bsc#1225431
* bsc#1226519
* bsc#1226550
* bsc#1226574
* bsc#1226575
* bsc#1226662
* bsc#1226666
* bsc#1226785
* bsc#1227213
* bsc#1227362
* bsc#1227487
* bsc#1227716
* bsc#1227750
* bsc#1227810
* bsc#1227836
* bsc#1227976
* bsc#1228013
* bsc#1228040
* bsc#1228114
* bsc#1228328
* bsc#1228561
* bsc#1228644
* bsc#1228743

Cross-References:

* CVE-2020-26558
* CVE-2021-0129
* CVE-2021-47126
* CVE-2021-47219
* CVE-2021-47291
* CVE-2021-47506
* CVE-2021-47520
* CVE-2021-47580
* CVE-2021-47598
* CVE-2021-47600
* CVE-2022-48792
* CVE-2022-48821
* CVE-2022-48822
* CVE-2023-52686
* CVE-2023-52885
* CVE-2024-26583
* CVE-2024-26584
* CVE-2024-26585
* CVE-2024-26800
* CVE-2024-36974
* CVE-2024-38559
* CVE-2024-39494
* CVE-2024-40937
* CVE-2024-40956
* CVE-2024-41011
* CVE-2024-41059
* CVE-2024-41069
* CVE-2024-41090
* CVE-2024-42145

CVSS scores:

* CVE-2020-26558 ( SUSE ): 4.2 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
* CVE-2020-26558 ( NVD ): 4.2 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
* CVE-2021-0129 ( SUSE ): 6.4 CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
* CVE-2021-0129 ( NVD ): 5.7 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2021-47126 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47219 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2021-47291 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2021-47506 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2021-47520 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2021-47520 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2021-47580 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L
* CVE-2021-47598 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2021-47600 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48792 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48792 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48821 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48822 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48822 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-52686 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52885 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26583 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26583 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26584 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26584 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26585 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26585 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26800 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-36974 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-38559 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-39494 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-39494 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-40937 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-40956 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-41011 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-41059 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-41059 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-41069 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-41069 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-41090 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
* CVE-2024-42145 ( SUSE ): 8.7
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2024-42145 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* openSUSE Leap 15.3
* SUSE Enterprise Storage 7.1
* SUSE Linux Enterprise High Availability Extension 15 SP3
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
* SUSE Linux Enterprise Live Patching 15-SP3
* SUSE Linux Enterprise Micro 5.1
* SUSE Linux Enterprise Micro 5.2
* SUSE Linux Enterprise Micro for Rancher 5.2
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server 15 SP3 Business Critical Linux 15-SP3
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
* SUSE Manager Proxy 4.2
* SUSE Manager Retail Branch Server 4.2
* SUSE Manager Server 4.2

An update that solves 29 vulnerabilities and has eight security fixes can now be
installed.

## Description:

The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security
bugfixes.

The following security bugs were fixed:

* CVE-2020-26558: Fixed a flaw in the Bluetooth LE and BR/EDR secure pairing
that could permit a nearby man-in-the-middle attacker to identify the
Passkey used during pairing (bsc#1179610).
* CVE-2021-0129: Improper access control in BlueZ may have allowed an
authenticated user to potentially enable information disclosure via adjacent
access (bsc#1186463).
* CVE-2021-47126: ipv6: Fix KASAN: slab-out-of-bounds Read in
fib6_nh_flush_exceptions (bsc#1221539).
* CVE-2021-47219: scsi: scsi_debug: Fix out-of-bound read in
resp_report_tgtpgs() (bsc#1222824).
* CVE-2021-47291: ipv6: fix another slab-out-of-bounds in
fib6_nh_flush_exceptions (bsc#1224918).
* CVE-2021-47506: nfsd: fix use-after-free due to delegation race
(bsc#1225404).
* CVE-2021-47520: can: pch_can: pch_can_rx_normal: fix use after free
(bsc#1225431).
* CVE-2021-47580: scsi: scsi_debug: Fix type in min_t to avoid stack OOB
(bsc#1226550).
* CVE-2021-47598: sch_cake: do not call cake_destroy() from cake_init()
(bsc#1226574).
* CVE-2021-47600: dm btree remove: fix use after free in rebalance_children()
(bsc#1226575).
* CVE-2022-48792: scsi: pm8001: Fix use-after-free for aborted SSP/STP
sas_task (bsc#1228013).
* CVE-2022-48821: misc: fastrpc: avoid double fput() on failed usercopy
(bsc#1227976).
* CVE-2023-52686: Fix a null pointer in opal_event_init() (bsc#1065729).
* CVE-2023-52885: SUNRPC: Fix UAF in svc_tcp_listen_data_ready()
(bsc#1227750).
* CVE-2024-26585: Fixed race between tx work scheduling and socket close
(bsc#1220187).
* CVE-2024-36974: net/sched: taprio: always validate TCA_TAPRIO_ATTR_PRIOMAP
(bsc#1226519).
* CVE-2024-38559: scsi: qedf: Ensure the copied buf is NUL terminated
(bsc#1226785).
* CVE-2024-39494: ima: Fix use-after-free on a dentry's dname.name
(bsc#1227716).
* CVE-2024-40937: gve: Clear napi->skb before dev_kfree_skb_any()
(bsc#1227836).
* CVE-2024-40956: dmaengine: idxd: Fix possible Use-After-Free in
irq_process_work_list (bsc#1227810).
* CVE-2024-41011: drm/amdkfd: do not allow mapping the MMIO HDP page with
large pages (bsc#1228114).
* CVE-2024-41059: hfsplus: fix uninit-value in copy_name (bsc#1228561).
* CVE-2024-41069: ASoC: topology: Fix route memory corruption (bsc#1228644).
* CVE-2024-41090: tap: add missing verification for short frame (bsc#1228328).
* CVE-2024-42145: IB/core: Implement a limit on UMAD receive List
(bsc#1228743).

The following non-security bugs were fixed:

* Fix spurious WARNING caused by a qxl driver patch (bsc#1227213)
* nfs: Clean up directory array handling (bsc#1226662).
* nfs: Clean up nfs_readdir_page_filler() (bsc#1226662).
* nfs: Clean up readdir struct nfs_cache_array (bsc#1226662).
* nfs: Do not discard readdir results (bsc#1226662).
* nfs: Do not overfill uncached readdir pages (bsc#1226662).
* nfs: Do not re-read the entire page cache to find the next cookie
(bsc#1226662).
* nfs: Ensure contents of struct nfs_open_dir_context are consistent
(bsc#1226662).
* nfs: Fix up directory verifier races (bsc#1226662).
* nfs: Further optimisations for 'ls -l' (bsc#1226662).
* nfs: More readdir cleanups (bsc#1226662).
* nfs: Reduce number of RPC calls when doing uncached readdir (bsc#1226662).
* nfs: Reduce use of uncached readdir (bsc#1226662).
* nfs: Support larger readdir buffers (bsc#1226662).
* nfs: Use the 64-bit server readdir cookies when possible (bsc#1226662).
* nfs: optimise readdir cache page invalidation (bsc#1226662).
* nfsv4.x: by default serialize open/close operations (bsc#1223863
bsc#1227362)
* ocfs2: fix DIO failure due to insufficient transaction credits
(bsc#1216834).
* powerpc/rtas: Prevent Spectre v1 gadget construction in sys_rtas()
(bsc#1227487).
* powerpc/rtas: clean up includes (bsc#1227487).
* x.509: Fix the parser of extended key usage for length (bsc#1218820,
bsc#1226666).

## Special Instructions and Notes:

* Please reboot the system after installing this update.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.3
zypper in -t patch SUSE-2024-2948=1

* SUSE Linux Enterprise Live Patching 15-SP3
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2024-2948=1

* SUSE Linux Enterprise High Availability Extension 15 SP3
zypper in -t patch SUSE-SLE-Product-HA-15-SP3-2024-2948=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-2948=1

* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-2948=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP3
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-2948=1

* SUSE Enterprise Storage 7.1
zypper in -t patch SUSE-Storage-7.1-2024-2948=1

* SUSE Linux Enterprise Micro 5.1
zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-2948=1

* SUSE Linux Enterprise Micro 5.2
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-2948=1

* SUSE Linux Enterprise Micro for Rancher 5.2
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-2948=1

## Package List:

* openSUSE Leap 15.3 (noarch nosrc)
* kernel-docs-5.3.18-150300.59.170.2
* openSUSE Leap 15.3 (noarch)
* kernel-source-5.3.18-150300.59.170.1
* kernel-macros-5.3.18-150300.59.170.1
* kernel-source-vanilla-5.3.18-150300.59.170.1
* kernel-docs-html-5.3.18-150300.59.170.2
* kernel-devel-5.3.18-150300.59.170.1
* openSUSE Leap 15.3 (nosrc ppc64le x86_64)
* kernel-kvmsmall-5.3.18-150300.59.170.1
* kernel-debug-5.3.18-150300.59.170.1
* openSUSE Leap 15.3 (ppc64le x86_64)
* kernel-kvmsmall-devel-5.3.18-150300.59.170.1
* kernel-debug-debuginfo-5.3.18-150300.59.170.1
* kernel-kvmsmall-debugsource-5.3.18-150300.59.170.1
* kernel-debug-livepatch-devel-5.3.18-150300.59.170.1
* kernel-kvmsmall-devel-debuginfo-5.3.18-150300.59.170.1
* kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.170.1
* kernel-debug-devel-debuginfo-5.3.18-150300.59.170.1
* kernel-debug-debugsource-5.3.18-150300.59.170.1
* kernel-debug-devel-5.3.18-150300.59.170.1
* kernel-kvmsmall-debuginfo-5.3.18-150300.59.170.1
* openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64)
* kernel-default-livepatch-devel-5.3.18-150300.59.170.1
* gfs2-kmp-default-debuginfo-5.3.18-150300.59.170.1
* cluster-md-kmp-default-debuginfo-5.3.18-150300.59.170.1
* kernel-default-base-rebuild-5.3.18-150300.59.170.1.150300.18.100.1
* dlm-kmp-default-5.3.18-150300.59.170.1
* kernel-default-optional-5.3.18-150300.59.170.1
* kernel-obs-build-5.3.18-150300.59.170.1
* kernel-default-debugsource-5.3.18-150300.59.170.1
* kernel-default-extra-debuginfo-5.3.18-150300.59.170.1
* kselftests-kmp-default-debuginfo-5.3.18-150300.59.170.1
* kernel-default-extra-5.3.18-150300.59.170.1
* kernel-default-livepatch-5.3.18-150300.59.170.1
* reiserfs-kmp-default-debuginfo-5.3.18-150300.59.170.1
* kernel-default-base-5.3.18-150300.59.170.1.150300.18.100.1
* kernel-default-debuginfo-5.3.18-150300.59.170.1
* cluster-md-kmp-default-5.3.18-150300.59.170.1
* dlm-kmp-default-debuginfo-5.3.18-150300.59.170.1
* kernel-obs-build-debugsource-5.3.18-150300.59.170.1
* kselftests-kmp-default-5.3.18-150300.59.170.1
* kernel-obs-qa-5.3.18-150300.59.170.1
* kernel-default-optional-debuginfo-5.3.18-150300.59.170.1
* reiserfs-kmp-default-5.3.18-150300.59.170.1
* ocfs2-kmp-default-debuginfo-5.3.18-150300.59.170.1
* kernel-default-devel-debuginfo-5.3.18-150300.59.170.1
* gfs2-kmp-default-5.3.18-150300.59.170.1
* kernel-syms-5.3.18-150300.59.170.1
* kernel-default-devel-5.3.18-150300.59.170.1
* ocfs2-kmp-default-5.3.18-150300.59.170.1
* openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 nosrc)
* kernel-default-5.3.18-150300.59.170.1
* openSUSE Leap 15.3 (ppc64le s390x x86_64)
* kernel-livepatch-5_3_18-150300_59_170-default-debuginfo-1-150300.7.3.1
* kernel-livepatch-5_3_18-150300_59_170-default-1-150300.7.3.1
* kernel-livepatch-SLE15-SP3_Update_47-debugsource-1-150300.7.3.1
* openSUSE Leap 15.3 (x86_64)
* kernel-livepatch-5_3_18-150300_59_170-preempt-1-150300.7.3.1
* kernel-livepatch-5_3_18-150300_59_170-preempt-debuginfo-1-150300.7.3.1
* openSUSE Leap 15.3 (aarch64 x86_64)
* cluster-md-kmp-preempt-debuginfo-5.3.18-150300.59.170.1
* kernel-preempt-debuginfo-5.3.18-150300.59.170.1
* kernel-preempt-extra-5.3.18-150300.59.170.1
* kselftests-kmp-preempt-5.3.18-150300.59.170.1
* gfs2-kmp-preempt-debuginfo-5.3.18-150300.59.170.1
* kernel-preempt-optional-5.3.18-150300.59.170.1
* reiserfs-kmp-preempt-5.3.18-150300.59.170.1
* kernel-preempt-debugsource-5.3.18-150300.59.170.1
* dlm-kmp-preempt-debuginfo-5.3.18-150300.59.170.1
* kernel-preempt-devel-debuginfo-5.3.18-150300.59.170.1
* kernel-preempt-devel-5.3.18-150300.59.170.1
* gfs2-kmp-preempt-5.3.18-150300.59.170.1
* kernel-preempt-livepatch-devel-5.3.18-150300.59.170.1
* cluster-md-kmp-preempt-5.3.18-150300.59.170.1
* ocfs2-kmp-preempt-5.3.18-150300.59.170.1
* kernel-preempt-optional-debuginfo-5.3.18-150300.59.170.1
* dlm-kmp-preempt-5.3.18-150300.59.170.1
* ocfs2-kmp-preempt-debuginfo-5.3.18-150300.59.170.1
* reiserfs-kmp-preempt-debuginfo-5.3.18-150300.59.170.1
* kselftests-kmp-preempt-debuginfo-5.3.18-150300.59.170.1
* kernel-preempt-extra-debuginfo-5.3.18-150300.59.170.1
* openSUSE Leap 15.3 (aarch64 nosrc x86_64)
* kernel-preempt-5.3.18-150300.59.170.1
* openSUSE Leap 15.3 (nosrc s390x)
* kernel-zfcpdump-5.3.18-150300.59.170.1
* openSUSE Leap 15.3 (s390x)
* kernel-zfcpdump-debuginfo-5.3.18-150300.59.170.1
* kernel-zfcpdump-debugsource-5.3.18-150300.59.170.1
* openSUSE Leap 15.3 (nosrc)
* dtb-aarch64-5.3.18-150300.59.170.1
* openSUSE Leap 15.3 (aarch64)
* dtb-mediatek-5.3.18-150300.59.170.1
* dlm-kmp-64kb-5.3.18-150300.59.170.1
* dtb-qcom-5.3.18-150300.59.170.1
* dtb-lg-5.3.18-150300.59.170.1
* dtb-broadcom-5.3.18-150300.59.170.1
* kernel-64kb-livepatch-devel-5.3.18-150300.59.170.1
* dtb-socionext-5.3.18-150300.59.170.1
* dtb-apm-5.3.18-150300.59.170.1
* dtb-nvidia-5.3.18-150300.59.170.1
* dtb-zte-5.3.18-150300.59.170.1
* ocfs2-kmp-64kb-5.3.18-150300.59.170.1
* dtb-renesas-5.3.18-150300.59.170.1
* dtb-exynos-5.3.18-150300.59.170.1
* dtb-rockchip-5.3.18-150300.59.170.1
* kselftests-kmp-64kb-5.3.18-150300.59.170.1
* dtb-hisilicon-5.3.18-150300.59.170.1
* kernel-64kb-debuginfo-5.3.18-150300.59.170.1
* kernel-64kb-optional-debuginfo-5.3.18-150300.59.170.1
* reiserfs-kmp-64kb-debuginfo-5.3.18-150300.59.170.1
* kselftests-kmp-64kb-debuginfo-5.3.18-150300.59.170.1
* dtb-cavium-5.3.18-150300.59.170.1
* dtb-freescale-5.3.18-150300.59.170.1
* gfs2-kmp-64kb-5.3.18-150300.59.170.1
* dtb-al-5.3.18-150300.59.170.1
* dtb-allwinner-5.3.18-150300.59.170.1
* kernel-64kb-debugsource-5.3.18-150300.59.170.1
* kernel-64kb-extra-5.3.18-150300.59.170.1
* dtb-amd-5.3.18-150300.59.170.1
* dtb-marvell-5.3.18-150300.59.170.1
* dtb-arm-5.3.18-150300.59.170.1
* dtb-xilinx-5.3.18-150300.59.170.1
* dtb-altera-5.3.18-150300.59.170.1
* dtb-amlogic-5.3.18-150300.59.170.1
* reiserfs-kmp-64kb-5.3.18-150300.59.170.1
* cluster-md-kmp-64kb-debuginfo-5.3.18-150300.59.170.1
* cluster-md-kmp-64kb-5.3.18-150300.59.170.1
* kernel-64kb-devel-debuginfo-5.3.18-150300.59.170.1
* gfs2-kmp-64kb-debuginfo-5.3.18-150300.59.170.1
* kernel-64kb-optional-5.3.18-150300.59.170.1
* kernel-64kb-extra-debuginfo-5.3.18-150300.59.170.1
* dtb-sprd-5.3.18-150300.59.170.1
* dlm-kmp-64kb-debuginfo-5.3.18-150300.59.170.1
* ocfs2-kmp-64kb-debuginfo-5.3.18-150300.59.170.1
* kernel-64kb-devel-5.3.18-150300.59.170.1
* openSUSE Leap 15.3 (aarch64 nosrc)
* kernel-64kb-5.3.18-150300.59.170.1
* SUSE Linux Enterprise Live Patching 15-SP3 (nosrc)
* kernel-default-5.3.18-150300.59.170.1
* SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64)
* kernel-default-debugsource-5.3.18-150300.59.170.1
* kernel-default-livepatch-devel-5.3.18-150300.59.170.1
* kernel-default-debuginfo-5.3.18-150300.59.170.1
* kernel-livepatch-SLE15-SP3_Update_47-debugsource-1-150300.7.3.1
* kernel-livepatch-5_3_18-150300_59_170-default-debuginfo-1-150300.7.3.1
* kernel-livepatch-5_3_18-150300_59_170-default-1-150300.7.3.1
* kernel-default-livepatch-5.3.18-150300.59.170.1
* SUSE Linux Enterprise High Availability Extension 15 SP3 (aarch64 ppc64le
s390x x86_64)
* kernel-default-debugsource-5.3.18-150300.59.170.1
* kernel-default-debuginfo-5.3.18-150300.59.170.1
* gfs2-kmp-default-debuginfo-5.3.18-150300.59.170.1
* cluster-md-kmp-default-5.3.18-150300.59.170.1
* ocfs2-kmp-default-debuginfo-5.3.18-150300.59.170.1
* cluster-md-kmp-default-debuginfo-5.3.18-150300.59.170.1
* gfs2-kmp-default-5.3.18-150300.59.170.1
* dlm-kmp-default-5.3.18-150300.59.170.1
* dlm-kmp-default-debuginfo-5.3.18-150300.59.170.1
* ocfs2-kmp-default-5.3.18-150300.59.170.1
* SUSE Linux Enterprise High Availability Extension 15 SP3 (nosrc)
* kernel-default-5.3.18-150300.59.170.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 nosrc)
* kernel-64kb-5.3.18-150300.59.170.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64)
* kernel-64kb-debugsource-5.3.18-150300.59.170.1
* kernel-64kb-debuginfo-5.3.18-150300.59.170.1
* kernel-64kb-devel-debuginfo-5.3.18-150300.59.170.1
* kernel-64kb-devel-5.3.18-150300.59.170.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 nosrc
x86_64)
* kernel-preempt-5.3.18-150300.59.170.1
* kernel-default-5.3.18-150300.59.170.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
x86_64)
* kernel-preempt-devel-5.3.18-150300.59.170.1
* kernel-default-base-5.3.18-150300.59.170.1.150300.18.100.1
* kernel-default-debugsource-5.3.18-150300.59.170.1
* kernel-default-debuginfo-5.3.18-150300.59.170.1
* kernel-preempt-debuginfo-5.3.18-150300.59.170.1
* reiserfs-kmp-default-5.3.18-150300.59.170.1
* kernel-preempt-debugsource-5.3.18-150300.59.170.1
* kernel-default-devel-debuginfo-5.3.18-150300.59.170.1
* kernel-syms-5.3.18-150300.59.170.1
* kernel-preempt-devel-debuginfo-5.3.18-150300.59.170.1
* kernel-obs-build-debugsource-5.3.18-150300.59.170.1
* kernel-default-devel-5.3.18-150300.59.170.1
* kernel-obs-build-5.3.18-150300.59.170.1
* reiserfs-kmp-default-debuginfo-5.3.18-150300.59.170.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch)
* kernel-macros-5.3.18-150300.59.170.1
* kernel-devel-5.3.18-150300.59.170.1
* kernel-source-5.3.18-150300.59.170.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch nosrc)
* kernel-docs-5.3.18-150300.59.170.2
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 nosrc)
* kernel-64kb-5.3.18-150300.59.170.1
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64)
* kernel-64kb-debugsource-5.3.18-150300.59.170.1
* kernel-64kb-debuginfo-5.3.18-150300.59.170.1
* kernel-64kb-devel-debuginfo-5.3.18-150300.59.170.1
* kernel-64kb-devel-5.3.18-150300.59.170.1
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x
x86_64 nosrc)
* kernel-default-5.3.18-150300.59.170.1
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x
x86_64)
* kernel-default-base-5.3.18-150300.59.170.1.150300.18.100.1
* kernel-default-debugsource-5.3.18-150300.59.170.1
* kernel-default-debuginfo-5.3.18-150300.59.170.1
* reiserfs-kmp-default-5.3.18-150300.59.170.1
* kernel-default-devel-debuginfo-5.3.18-150300.59.170.1
* kernel-syms-5.3.18-150300.59.170.1
* kernel-obs-build-debugsource-5.3.18-150300.59.170.1
* kernel-default-devel-5.3.18-150300.59.170.1
* kernel-obs-build-5.3.18-150300.59.170.1
* reiserfs-kmp-default-debuginfo-5.3.18-150300.59.170.1
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch)
* kernel-macros-5.3.18-150300.59.170.1
* kernel-devel-5.3.18-150300.59.170.1
* kernel-source-5.3.18-150300.59.170.1
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch nosrc)
* kernel-docs-5.3.18-150300.59.170.2
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 nosrc x86_64)
* kernel-preempt-5.3.18-150300.59.170.1
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 x86_64)
* kernel-preempt-devel-5.3.18-150300.59.170.1
* kernel-preempt-devel-debuginfo-5.3.18-150300.59.170.1
* kernel-preempt-debuginfo-5.3.18-150300.59.170.1
* kernel-preempt-debugsource-5.3.18-150300.59.170.1
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (nosrc s390x)
* kernel-zfcpdump-5.3.18-150300.59.170.1
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (s390x)
* kernel-zfcpdump-debuginfo-5.3.18-150300.59.170.1
* kernel-zfcpdump-debugsource-5.3.18-150300.59.170.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (nosrc ppc64le
x86_64)
* kernel-default-5.3.18-150300.59.170.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
* kernel-default-base-5.3.18-150300.59.170.1.150300.18.100.1
* kernel-default-debugsource-5.3.18-150300.59.170.1
* kernel-default-debuginfo-5.3.18-150300.59.170.1
* reiserfs-kmp-default-5.3.18-150300.59.170.1
* kernel-default-devel-debuginfo-5.3.18-150300.59.170.1
* kernel-syms-5.3.18-150300.59.170.1
* kernel-obs-build-debugsource-5.3.18-150300.59.170.1
* kernel-default-devel-5.3.18-150300.59.170.1
* kernel-obs-build-5.3.18-150300.59.170.1
* reiserfs-kmp-default-debuginfo-5.3.18-150300.59.170.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch)
* kernel-macros-5.3.18-150300.59.170.1
* kernel-devel-5.3.18-150300.59.170.1
* kernel-source-5.3.18-150300.59.170.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch nosrc)
* kernel-docs-5.3.18-150300.59.170.2
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (nosrc x86_64)
* kernel-preempt-5.3.18-150300.59.170.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (x86_64)
* kernel-preempt-devel-5.3.18-150300.59.170.1
* kernel-preempt-devel-debuginfo-5.3.18-150300.59.170.1
* kernel-preempt-debuginfo-5.3.18-150300.59.170.1
* kernel-preempt-debugsource-5.3.18-150300.59.170.1
* SUSE Enterprise Storage 7.1 (aarch64 nosrc)
* kernel-64kb-5.3.18-150300.59.170.1
* SUSE Enterprise Storage 7.1 (aarch64)
* kernel-64kb-debugsource-5.3.18-150300.59.170.1
* kernel-64kb-debuginfo-5.3.18-150300.59.170.1
* kernel-64kb-devel-debuginfo-5.3.18-150300.59.170.1
* kernel-64kb-devel-5.3.18-150300.59.170.1
* SUSE Enterprise Storage 7.1 (aarch64 nosrc x86_64)
* kernel-preempt-5.3.18-150300.59.170.1
* kernel-default-5.3.18-150300.59.170.1
* SUSE Enterprise Storage 7.1 (aarch64 x86_64)
* kernel-preempt-devel-5.3.18-150300.59.170.1
* kernel-default-base-5.3.18-150300.59.170.1.150300.18.100.1
* kernel-default-debugsource-5.3.18-150300.59.170.1
* kernel-default-debuginfo-5.3.18-150300.59.170.1
* kernel-preempt-debuginfo-5.3.18-150300.59.170.1
* reiserfs-kmp-default-5.3.18-150300.59.170.1
* kernel-preempt-debugsource-5.3.18-150300.59.170.1
* kernel-default-devel-debuginfo-5.3.18-150300.59.170.1
* kernel-syms-5.3.18-150300.59.170.1
* kernel-preempt-devel-debuginfo-5.3.18-150300.59.170.1
* kernel-obs-build-debugsource-5.3.18-150300.59.170.1
* kernel-default-devel-5.3.18-150300.59.170.1
* kernel-obs-build-5.3.18-150300.59.170.1
* reiserfs-kmp-default-debuginfo-5.3.18-150300.59.170.1
* SUSE Enterprise Storage 7.1 (noarch)
* kernel-macros-5.3.18-150300.59.170.1
* kernel-devel-5.3.18-150300.59.170.1
* kernel-source-5.3.18-150300.59.170.1
* SUSE Enterprise Storage 7.1 (noarch nosrc)
* kernel-docs-5.3.18-150300.59.170.2
* SUSE Linux Enterprise Micro 5.1 (aarch64 nosrc s390x x86_64)
* kernel-default-5.3.18-150300.59.170.1
* SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64)
* kernel-default-debuginfo-5.3.18-150300.59.170.1
* kernel-default-base-5.3.18-150300.59.170.1.150300.18.100.1
* kernel-default-debugsource-5.3.18-150300.59.170.1
* SUSE Linux Enterprise Micro 5.2 (aarch64 nosrc s390x x86_64)
* kernel-default-5.3.18-150300.59.170.1
* SUSE Linux Enterprise Micro 5.2 (aarch64 x86_64)
* kernel-default-base-5.3.18-150300.59.170.1.150300.18.100.1
* SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64)
* kernel-default-debuginfo-5.3.18-150300.59.170.1
* kernel-default-debugsource-5.3.18-150300.59.170.1
* SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 nosrc s390x x86_64)
* kernel-default-5.3.18-150300.59.170.1
* SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 x86_64)
* kernel-default-base-5.3.18-150300.59.170.1.150300.18.100.1
* SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64)
* kernel-default-debuginfo-5.3.18-150300.59.170.1
* kernel-default-debugsource-5.3.18-150300.59.170.1

## References:

* https://www.suse.com/security/cve/CVE-2020-26558.html
* https://www.suse.com/security/cve/CVE-2021-0129.html
* https://www.suse.com/security/cve/CVE-2021-47126.html
* https://www.suse.com/security/cve/CVE-2021-47219.html
* https://www.suse.com/security/cve/CVE-2021-47291.html
* https://www.suse.com/security/cve/CVE-2021-47506.html
* https://www.suse.com/security/cve/CVE-2021-47520.html
* https://www.suse.com/security/cve/CVE-2021-47580.html
* https://www.suse.com/security/cve/CVE-2021-47598.html
* https://www.suse.com/security/cve/CVE-2021-47600.html
* https://www.suse.com/security/cve/CVE-2022-48792.html
* https://www.suse.com/security/cve/CVE-2022-48821.html
* https://www.suse.com/security/cve/CVE-2022-48822.html
* https://www.suse.com/security/cve/CVE-2023-52686.html
* https://www.suse.com/security/cve/CVE-2023-52885.html
* https://www.suse.com/security/cve/CVE-2024-26583.html
* https://www.suse.com/security/cve/CVE-2024-26584.html
* https://www.suse.com/security/cve/CVE-2024-26585.html
* https://www.suse.com/security/cve/CVE-2024-26800.html
* https://www.suse.com/security/cve/CVE-2024-36974.html
* https://www.suse.com/security/cve/CVE-2024-38559.html
* https://www.suse.com/security/cve/CVE-2024-39494.html
* https://www.suse.com/security/cve/CVE-2024-40937.html
* https://www.suse.com/security/cve/CVE-2024-40956.html
* https://www.suse.com/security/cve/CVE-2024-41011.html
* https://www.suse.com/security/cve/CVE-2024-41059.html
* https://www.suse.com/security/cve/CVE-2024-41069.html
* https://www.suse.com/security/cve/CVE-2024-41090.html
* https://www.suse.com/security/cve/CVE-2024-42145.html
* https://bugzilla.suse.com/show_bug.cgi?id=1065729
* https://bugzilla.suse.com/show_bug.cgi?id=1179610
* https://bugzilla.suse.com/show_bug.cgi?id=1186463
* https://bugzilla.suse.com/show_bug.cgi?id=1216834
* https://bugzilla.suse.com/show_bug.cgi?id=1218820
* https://bugzilla.suse.com/show_bug.cgi?id=1220185
* https://bugzilla.suse.com/show_bug.cgi?id=1220186
* https://bugzilla.suse.com/show_bug.cgi?id=1220187
* https://bugzilla.suse.com/show_bug.cgi?id=1221539
* https://bugzilla.suse.com/show_bug.cgi?id=1222728
* https://bugzilla.suse.com/show_bug.cgi?id=1222824
* https://bugzilla.suse.com/show_bug.cgi?id=1223863
* https://bugzilla.suse.com/show_bug.cgi?id=1224918
* https://bugzilla.suse.com/show_bug.cgi?id=1225404
* https://bugzilla.suse.com/show_bug.cgi?id=1225431
* https://bugzilla.suse.com/show_bug.cgi?id=1226519
* https://bugzilla.suse.com/show_bug.cgi?id=1226550
* https://bugzilla.suse.com/show_bug.cgi?id=1226574
* https://bugzilla.suse.com/show_bug.cgi?id=1226575
* https://bugzilla.suse.com/show_bug.cgi?id=1226662
* https://bugzilla.suse.com/show_bug.cgi?id=1226666
* https://bugzilla.suse.com/show_bug.cgi?id=1226785
* https://bugzilla.suse.com/show_bug.cgi?id=1227213
* https://bugzilla.suse.com/show_bug.cgi?id=1227362
* https://bugzilla.suse.com/show_bug.cgi?id=1227487
* https://bugzilla.suse.com/show_bug.cgi?id=1227716
* https://bugzilla.suse.com/show_bug.cgi?id=1227750
* https://bugzilla.suse.com/show_bug.cgi?id=1227810
* https://bugzilla.suse.com/show_bug.cgi?id=1227836
* https://bugzilla.suse.com/show_bug.cgi?id=1227976
* https://bugzilla.suse.com/show_bug.cgi?id=1228013
* https://bugzilla.suse.com/show_bug.cgi?id=1228040
* https://bugzilla.suse.com/show_bug.cgi?id=1228114
* https://bugzilla.suse.com/show_bug.cgi?id=1228328
* https://bugzilla.suse.com/show_bug.cgi?id=1228561
* https://bugzilla.suse.com/show_bug.cgi?id=1228644
* https://bugzilla.suse.com/show_bug.cgi?id=1228743



SUSE-SU-2024:2933-1: moderate: Security update for openssl-1_1


# Security update for openssl-1_1

Announcement ID: SUSE-SU-2024:2933-1
Rating: moderate
References:

* bsc#1225907
* bsc#1226463
* bsc#1227138

Cross-References:

* CVE-2024-5535

CVSS scores:

* CVE-2024-5535 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* Basesystem Module 15-SP6
* Development Tools Module 15-SP6
* Legacy Module 15-SP6
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves one vulnerability and has two security fixes can now be
installed.

## Description:

This update for openssl-1_1 fixes the following issues:

* CVE-2024-5535: Fixed a buffer overread in function SSL_select_next_proto()
with an empty supported client protocols buffer (bsc#1227138)

Other fixes: \- Build with no-afalgeng. (bsc#1226463) \- Fixed C99 violations to
allow the package to build with GCC 14. (bsc#1225907)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
zypper in -t patch SUSE-2024-2933=1 openSUSE-SLE-15.6-2024-2933=1

* Basesystem Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-2933=1

* Development Tools Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2024-2933=1

* Legacy Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Legacy-15-SP6-2024-2933=1

## Package List:

* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
* libopenssl-1_1-devel-1.1.1w-150600.5.6.1
* libopenssl1_1-debuginfo-1.1.1w-150600.5.6.1
* openssl-1_1-1.1.1w-150600.5.6.1
* libopenssl1_1-1.1.1w-150600.5.6.1
* openssl-1_1-debugsource-1.1.1w-150600.5.6.1
* openssl-1_1-debuginfo-1.1.1w-150600.5.6.1
* openSUSE Leap 15.6 (x86_64)
* libopenssl1_1-32bit-1.1.1w-150600.5.6.1
* libopenssl1_1-32bit-debuginfo-1.1.1w-150600.5.6.1
* libopenssl-1_1-devel-32bit-1.1.1w-150600.5.6.1
* openSUSE Leap 15.6 (noarch)
* openssl-1_1-doc-1.1.1w-150600.5.6.1
* openSUSE Leap 15.6 (aarch64_ilp32)
* libopenssl1_1-64bit-debuginfo-1.1.1w-150600.5.6.1
* libopenssl1_1-64bit-1.1.1w-150600.5.6.1
* libopenssl-1_1-devel-64bit-1.1.1w-150600.5.6.1
* Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* libopenssl1_1-1.1.1w-150600.5.6.1
* openssl-1_1-debugsource-1.1.1w-150600.5.6.1
* openssl-1_1-debuginfo-1.1.1w-150600.5.6.1
* libopenssl1_1-debuginfo-1.1.1w-150600.5.6.1
* Basesystem Module 15-SP6 (x86_64)
* libopenssl1_1-32bit-1.1.1w-150600.5.6.1
* libopenssl1_1-32bit-debuginfo-1.1.1w-150600.5.6.1
* Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* libopenssl-1_1-devel-1.1.1w-150600.5.6.1
* openssl-1_1-debugsource-1.1.1w-150600.5.6.1
* openssl-1_1-debuginfo-1.1.1w-150600.5.6.1
* Legacy Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* openssl-1_1-debugsource-1.1.1w-150600.5.6.1
* openssl-1_1-1.1.1w-150600.5.6.1
* openssl-1_1-debuginfo-1.1.1w-150600.5.6.1

## References:

* https://www.suse.com/security/cve/CVE-2024-5535.html
* https://bugzilla.suse.com/show_bug.cgi?id=1225907
* https://bugzilla.suse.com/show_bug.cgi?id=1226463
* https://bugzilla.suse.com/show_bug.cgi?id=1227138



SUSE-SU-2024:2905-1: important: Security update for webkit2gtk3


# Security update for webkit2gtk3

Announcement ID: SUSE-SU-2024:2905-1
Rating: important
References:

* bsc#1228613
* bsc#1228693
* bsc#1228694
* bsc#1228695

Cross-References:

* CVE-2024-40776
* CVE-2024-40779
* CVE-2024-40780
* CVE-2024-40782

CVSS scores:

* CVE-2024-40776 ( SUSE ): 8.9
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H
* CVE-2024-40776 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H
* CVE-2024-40779 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2024-40780 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2024-40782 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected Products:

* Basesystem Module 15-SP6
* Desktop Applications Module 15-SP6
* Development Tools Module 15-SP6
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves four vulnerabilities can now be installed.

## Description:

This update for webkit2gtk3 fixes the following issues:

* CVE-2024-40776: Fixed a use-after-free issue with improved memory management
(bsc#1228613).
* CVE-2024-40779: Fixed a out-of-bounds read with improved bounds checking
(bsc#1228693).
* CVE-2024-40780: Fixed another out-of-bounds read with improved bounds
checking (bsc#1228694).
* CVE-2024-40782: Fixed a second use-after-free issue with improved memory
management (bsc#1228695).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
zypper in -t patch SUSE-2024-2905=1 openSUSE-SLE-15.6-2024-2905=1

* Basesystem Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-2905=1

* Desktop Applications Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2024-2905=1

* Development Tools Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2024-2905=1

## Package List:

* openSUSE Leap 15.6 (noarch)
* WebKitGTK-4.0-lang-2.44.2-150600.12.6.1
* WebKitGTK-6.0-lang-2.44.2-150600.12.6.1
* WebKitGTK-4.1-lang-2.44.2-150600.12.6.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
* webkit2gtk3-soup2-minibrowser-2.44.2-150600.12.6.1
* libjavascriptcoregtk-6_0-1-debuginfo-2.44.2-150600.12.6.1
* typelib-1_0-JavaScriptCore-4_1-2.44.2-150600.12.6.1
* webkit2gtk-4_0-injected-bundles-2.44.2-150600.12.6.1
* webkit2gtk3-soup2-minibrowser-debuginfo-2.44.2-150600.12.6.1
* webkit2gtk3-minibrowser-2.44.2-150600.12.6.1
* webkitgtk-6_0-injected-bundles-2.44.2-150600.12.6.1
* webkit2gtk-4_0-injected-bundles-debuginfo-2.44.2-150600.12.6.1
* libwebkit2gtk-4_1-0-2.44.2-150600.12.6.1
* typelib-1_0-WebKit-6_0-2.44.2-150600.12.6.1
* webkit2gtk4-devel-2.44.2-150600.12.6.1
* webkit2gtk3-soup2-devel-2.44.2-150600.12.6.1
* libjavascriptcoregtk-4_1-0-2.44.2-150600.12.6.1
* webkit-jsc-4-debuginfo-2.44.2-150600.12.6.1
* libjavascriptcoregtk-6_0-1-2.44.2-150600.12.6.1
* libjavascriptcoregtk-4_0-18-2.44.2-150600.12.6.1
* libwebkitgtk-6_0-4-2.44.2-150600.12.6.1
* libwebkit2gtk-4_1-0-debuginfo-2.44.2-150600.12.6.1
* libjavascriptcoregtk-4_0-18-debuginfo-2.44.2-150600.12.6.1
* webkit2gtk4-minibrowser-2.44.2-150600.12.6.1
* typelib-1_0-JavaScriptCore-4_0-2.44.2-150600.12.6.1
* webkit2gtk4-debugsource-2.44.2-150600.12.6.1
* webkit2gtk-4_1-injected-bundles-2.44.2-150600.12.6.1
* webkit2gtk3-debugsource-2.44.2-150600.12.6.1
* libwebkit2gtk-4_0-37-2.44.2-150600.12.6.1
* webkit2gtk3-minibrowser-debuginfo-2.44.2-150600.12.6.1
* libwebkit2gtk-4_0-37-debuginfo-2.44.2-150600.12.6.1
* webkit2gtk4-minibrowser-debuginfo-2.44.2-150600.12.6.1
* typelib-1_0-WebKit2-4_0-2.44.2-150600.12.6.1
* webkit2gtk-4_1-injected-bundles-debuginfo-2.44.2-150600.12.6.1
* webkit-jsc-4.1-2.44.2-150600.12.6.1
* typelib-1_0-WebKitWebProcessExtension-6_0-2.44.2-150600.12.6.1
* typelib-1_0-JavaScriptCore-6_0-2.44.2-150600.12.6.1
* webkit2gtk3-soup2-debugsource-2.44.2-150600.12.6.1
* typelib-1_0-WebKit2WebExtension-4_0-2.44.2-150600.12.6.1
* webkit-jsc-4.1-debuginfo-2.44.2-150600.12.6.1
* webkit-jsc-6.0-2.44.2-150600.12.6.1
* webkit-jsc-6.0-debuginfo-2.44.2-150600.12.6.1
* libjavascriptcoregtk-4_1-0-debuginfo-2.44.2-150600.12.6.1
* webkitgtk-6_0-injected-bundles-debuginfo-2.44.2-150600.12.6.1
* webkit-jsc-4-2.44.2-150600.12.6.1
* typelib-1_0-WebKit2WebExtension-4_1-2.44.2-150600.12.6.1
* libwebkitgtk-6_0-4-debuginfo-2.44.2-150600.12.6.1
* typelib-1_0-WebKit2-4_1-2.44.2-150600.12.6.1
* webkit2gtk3-devel-2.44.2-150600.12.6.1
* openSUSE Leap 15.6 (x86_64)
* libjavascriptcoregtk-4_0-18-32bit-debuginfo-2.44.2-150600.12.6.1
* libwebkit2gtk-4_0-37-32bit-debuginfo-2.44.2-150600.12.6.1
* libwebkit2gtk-4_1-0-32bit-debuginfo-2.44.2-150600.12.6.1
* libwebkit2gtk-4_1-0-32bit-2.44.2-150600.12.6.1
* libwebkit2gtk-4_0-37-32bit-2.44.2-150600.12.6.1
* libjavascriptcoregtk-4_1-0-32bit-2.44.2-150600.12.6.1
* libjavascriptcoregtk-4_1-0-32bit-debuginfo-2.44.2-150600.12.6.1
* libjavascriptcoregtk-4_0-18-32bit-2.44.2-150600.12.6.1
* openSUSE Leap 15.6 (aarch64_ilp32)
* libjavascriptcoregtk-4_0-18-64bit-debuginfo-2.44.2-150600.12.6.1
* libwebkit2gtk-4_1-0-64bit-2.44.2-150600.12.6.1
* libjavascriptcoregtk-4_1-0-64bit-2.44.2-150600.12.6.1
* libwebkit2gtk-4_1-0-64bit-debuginfo-2.44.2-150600.12.6.1
* libwebkit2gtk-4_0-37-64bit-2.44.2-150600.12.6.1
* libjavascriptcoregtk-4_1-0-64bit-debuginfo-2.44.2-150600.12.6.1
* libjavascriptcoregtk-4_0-18-64bit-2.44.2-150600.12.6.1
* libwebkit2gtk-4_0-37-64bit-debuginfo-2.44.2-150600.12.6.1
* Basesystem Module 15-SP6 (noarch)
* WebKitGTK-4.0-lang-2.44.2-150600.12.6.1
* WebKitGTK-6.0-lang-2.44.2-150600.12.6.1
* Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* libjavascriptcoregtk-6_0-1-debuginfo-2.44.2-150600.12.6.1
* libjavascriptcoregtk-4_0-18-debuginfo-2.44.2-150600.12.6.1
* typelib-1_0-WebKit2WebExtension-4_0-2.44.2-150600.12.6.1
* typelib-1_0-JavaScriptCore-4_0-2.44.2-150600.12.6.1
* webkit2gtk3-soup2-devel-2.44.2-150600.12.6.1
* webkit2gtk4-debugsource-2.44.2-150600.12.6.1
* libjavascriptcoregtk-6_0-1-2.44.2-150600.12.6.1
* webkitgtk-6_0-injected-bundles-debuginfo-2.44.2-150600.12.6.1
* libwebkit2gtk-4_0-37-2.44.2-150600.12.6.1
* libwebkitgtk-6_0-4-debuginfo-2.44.2-150600.12.6.1
* webkit2gtk-4_0-injected-bundles-2.44.2-150600.12.6.1
* libjavascriptcoregtk-4_0-18-2.44.2-150600.12.6.1
* libwebkitgtk-6_0-4-2.44.2-150600.12.6.1
* webkitgtk-6_0-injected-bundles-2.44.2-150600.12.6.1
* libwebkit2gtk-4_0-37-debuginfo-2.44.2-150600.12.6.1
* webkit2gtk-4_0-injected-bundles-debuginfo-2.44.2-150600.12.6.1
* typelib-1_0-WebKit2-4_0-2.44.2-150600.12.6.1
* webkit2gtk3-soup2-debugsource-2.44.2-150600.12.6.1
* Desktop Applications Module 15-SP6 (noarch)
* WebKitGTK-4.1-lang-2.44.2-150600.12.6.1
* Desktop Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* libwebkit2gtk-4_1-0-2.44.2-150600.12.6.1
* typelib-1_0-JavaScriptCore-4_1-2.44.2-150600.12.6.1
* libjavascriptcoregtk-4_1-0-2.44.2-150600.12.6.1
* libjavascriptcoregtk-4_1-0-debuginfo-2.44.2-150600.12.6.1
* webkit2gtk-4_1-injected-bundles-2.44.2-150600.12.6.1
* webkit2gtk3-debugsource-2.44.2-150600.12.6.1
* typelib-1_0-WebKit2WebExtension-4_1-2.44.2-150600.12.6.1
* webkit2gtk-4_1-injected-bundles-debuginfo-2.44.2-150600.12.6.1
* libwebkit2gtk-4_1-0-debuginfo-2.44.2-150600.12.6.1
* typelib-1_0-WebKit2-4_1-2.44.2-150600.12.6.1
* webkit2gtk3-devel-2.44.2-150600.12.6.1
* Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* typelib-1_0-WebKit-6_0-2.44.2-150600.12.6.1
* typelib-1_0-JavaScriptCore-6_0-2.44.2-150600.12.6.1
* webkit2gtk4-devel-2.44.2-150600.12.6.1
* webkit2gtk4-debugsource-2.44.2-150600.12.6.1
* typelib-1_0-WebKitWebProcessExtension-6_0-2.44.2-150600.12.6.1

## References:

* https://www.suse.com/security/cve/CVE-2024-40776.html
* https://www.suse.com/security/cve/CVE-2024-40779.html
* https://www.suse.com/security/cve/CVE-2024-40780.html
* https://www.suse.com/security/cve/CVE-2024-40782.html
* https://bugzilla.suse.com/show_bug.cgi?id=1228613
* https://bugzilla.suse.com/show_bug.cgi?id=1228693
* https://bugzilla.suse.com/show_bug.cgi?id=1228694
* https://bugzilla.suse.com/show_bug.cgi?id=1228695



SUSE-SU-2024:2891-1: moderate: Security update for openssl-1_1


# Security update for openssl-1_1

Announcement ID: SUSE-SU-2024:2891-1
Rating: moderate
References:

* bsc#1226463
* bsc#1227138

Cross-References:

* CVE-2024-5535

CVSS scores:

* CVE-2024-5535 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* Basesystem Module 15-SP5
* openSUSE Leap 15.5
* openSUSE Leap Micro 5.5
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP5

An update that solves one vulnerability and has one security fix can now be
installed.

## Description:

This update for openssl-1_1 fixes the following issues:

* CVE-2024-5535: Fixed a buffer overread in function SSL_select_next_proto()
with an empty supported client protocols buffer (bsc#1227138)

Other fixes: \- Build with no-afalgeng (bsc#1226463)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
zypper in -t patch SUSE-2024-2891=1 openSUSE-SLE-15.5-2024-2891=1

* openSUSE Leap Micro 5.5
zypper in -t patch openSUSE-Leap-Micro-5.5-2024-2891=1

* SUSE Linux Enterprise Micro 5.5
zypper in -t patch SUSE-SLE-Micro-5.5-2024-2891=1

* Basesystem Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-2891=1

## Package List:

* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586)
* libopenssl1_1-hmac-1.1.1l-150500.17.34.1
* openssl-1_1-debuginfo-1.1.1l-150500.17.34.1
* openssl-1_1-debugsource-1.1.1l-150500.17.34.1
* libopenssl1_1-1.1.1l-150500.17.34.1
* libopenssl-1_1-devel-1.1.1l-150500.17.34.1
* openssl-1_1-1.1.1l-150500.17.34.1
* libopenssl1_1-debuginfo-1.1.1l-150500.17.34.1
* openSUSE Leap 15.5 (x86_64)
* libopenssl1_1-32bit-debuginfo-1.1.1l-150500.17.34.1
* libopenssl1_1-32bit-1.1.1l-150500.17.34.1
* libopenssl1_1-hmac-32bit-1.1.1l-150500.17.34.1
* libopenssl-1_1-devel-32bit-1.1.1l-150500.17.34.1
* openSUSE Leap 15.5 (noarch)
* openssl-1_1-doc-1.1.1l-150500.17.34.1
* openSUSE Leap 15.5 (aarch64_ilp32)
* libopenssl1_1-64bit-debuginfo-1.1.1l-150500.17.34.1
* libopenssl1_1-hmac-64bit-1.1.1l-150500.17.34.1
* libopenssl-1_1-devel-64bit-1.1.1l-150500.17.34.1
* libopenssl1_1-64bit-1.1.1l-150500.17.34.1
* openSUSE Leap Micro 5.5 (aarch64 s390x x86_64)
* libopenssl1_1-hmac-1.1.1l-150500.17.34.1
* openssl-1_1-debuginfo-1.1.1l-150500.17.34.1
* openssl-1_1-debugsource-1.1.1l-150500.17.34.1
* libopenssl1_1-1.1.1l-150500.17.34.1
* libopenssl-1_1-devel-1.1.1l-150500.17.34.1
* openssl-1_1-1.1.1l-150500.17.34.1
* libopenssl1_1-debuginfo-1.1.1l-150500.17.34.1
* SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
* libopenssl1_1-hmac-1.1.1l-150500.17.34.1
* openssl-1_1-debuginfo-1.1.1l-150500.17.34.1
* openssl-1_1-debugsource-1.1.1l-150500.17.34.1
* libopenssl1_1-1.1.1l-150500.17.34.1
* libopenssl-1_1-devel-1.1.1l-150500.17.34.1
* openssl-1_1-1.1.1l-150500.17.34.1
* libopenssl1_1-debuginfo-1.1.1l-150500.17.34.1
* Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64)
* libopenssl1_1-hmac-1.1.1l-150500.17.34.1
* openssl-1_1-debuginfo-1.1.1l-150500.17.34.1
* openssl-1_1-debugsource-1.1.1l-150500.17.34.1
* libopenssl1_1-1.1.1l-150500.17.34.1
* libopenssl-1_1-devel-1.1.1l-150500.17.34.1
* openssl-1_1-1.1.1l-150500.17.34.1
* libopenssl1_1-debuginfo-1.1.1l-150500.17.34.1
* Basesystem Module 15-SP5 (x86_64)
* libopenssl1_1-32bit-debuginfo-1.1.1l-150500.17.34.1
* libopenssl1_1-32bit-1.1.1l-150500.17.34.1
* libopenssl1_1-hmac-32bit-1.1.1l-150500.17.34.1

## References:

* https://www.suse.com/security/cve/CVE-2024-5535.html
* https://bugzilla.suse.com/show_bug.cgi?id=1226463
* https://bugzilla.suse.com/show_bug.cgi?id=1227138



SUSE-SU-2024:2785-1: moderate: Security update for kernel-firmware


# Security update for kernel-firmware

Announcement ID: SUSE-SU-2024:2785-1
Rating: moderate
References:

* bsc#1225600
* bsc#1225601

Cross-References:

* CVE-2023-38417
* CVE-2023-47210

CVSS scores:

* CVE-2023-38417 ( SUSE ): 4.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2023-47210 ( SUSE ): 4.7 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L

Affected Products:

* Basesystem Module 15-SP6
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves two vulnerabilities can now be installed.

## Description:

This update for kernel-firmware fixes the following issues:

Update to version 20240728:

* amdgpu: update DMCUB to v0.0.227.0 for DCN35 and DCN351
* Revert "iwlwifi: update ty/So/Ma firmwares for core89-58 release"
* linux-firmware: update firmware for MT7922 WiFi device
* linux-firmware: update firmware for MT7921 WiFi device
* linux-firmware: update firmware for mediatek bluetooth chip (MT7922)
* linux-firmware: update firmware for mediatek bluetooth chip (MT7921)
* iwlwifi: add gl FW for core89-58 release
* iwlwifi: update ty/So/Ma firmwares for core89-58 release
* iwlwifi: update cc/Qu/QuZ firmwares for core89-58 release
* mediatek: Update mt8195 SOF firmware and sof-tplg
* ASoC: tas2781: fix the license issue for tas781 firmware
* rtl_bt: Update RTL8852B BT USB FW to 0x048F_4008
* i915: Update Xe2LPD DMC to v2.21
* qcom: move signed x1e80100 signed firmware to the SoC subdir
* qcom: add video firmware file for vpu-3.0
* intel: avs: Add topology file for I2S Analog Devices 4567
* intel: avs: Add topology file for I2S Nuvoton 8825
* intel: avs: Add topology file for I2S Maxim 98927
* intel: avs: Add topology file for I2S Maxim 98373
* intel: avs: Add topology file for I2S Maxim 98357a
* intel: avs: Add topology file for I2S Dialog 7219
* intel: avs: Add topology file for I2S Realtek 5663
* intel: avs: Add topology file for I2S Realtek 5640
* intel: avs: Add topology file for I2S Realtek 5514
* intel: avs: Add topology file for I2S Realtek 298
* intel: avs: Add topology file for I2S Realtek 286
* intel: avs: Add topology file for I2S Realtek 274
* intel: avs: Add topology file for Digital Microphone Array
* intel: avs: Add topology file for HDMI codecs
* intel: avs: Add topology file for HDAudio codecs
* intel: avs: Update AudioDSP base firmware for APL-based platforms

## Special Instructions and Notes:

* Please reboot the system after installing this update.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
zypper in -t patch SUSE-2024-2785=1 openSUSE-SLE-15.6-2024-2785=1

* Basesystem Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-2785=1

## Package List:

* openSUSE Leap 15.6 (noarch)
* kernel-firmware-marvell-20240728-150600.3.6.1
* kernel-firmware-iwlwifi-20240728-150600.3.6.1
* kernel-firmware-nfp-20240728-150600.3.6.1
* kernel-firmware-ath10k-20240728-150600.3.6.1
* kernel-firmware-ueagle-20240728-150600.3.6.1
* kernel-firmware-bluetooth-20240728-150600.3.6.1
* kernel-firmware-network-20240728-150600.3.6.1
* kernel-firmware-usb-network-20240728-150600.3.6.1
* kernel-firmware-qlogic-20240728-150600.3.6.1
* kernel-firmware-brcm-20240728-150600.3.6.1
* kernel-firmware-ti-20240728-150600.3.6.1
* kernel-firmware-mediatek-20240728-150600.3.6.1
* kernel-firmware-20240728-150600.3.6.1
* kernel-firmware-dpaa2-20240728-150600.3.6.1
* kernel-firmware-radeon-20240728-150600.3.6.1
* kernel-firmware-liquidio-20240728-150600.3.6.1
* kernel-firmware-ath12k-20240728-150600.3.6.1
* kernel-firmware-i915-20240728-150600.3.6.1
* kernel-firmware-serial-20240728-150600.3.6.1
* kernel-firmware-bnx2-20240728-150600.3.6.1
* kernel-firmware-ath11k-20240728-150600.3.6.1
* kernel-firmware-platform-20240728-150600.3.6.1
* kernel-firmware-prestera-20240728-150600.3.6.1
* kernel-firmware-nvidia-20240728-150600.3.6.1
* kernel-firmware-qcom-20240728-150600.3.6.1
* kernel-firmware-mwifiex-20240728-150600.3.6.1
* kernel-firmware-realtek-20240728-150600.3.6.1
* kernel-firmware-all-20240728-150600.3.6.1
* kernel-firmware-media-20240728-150600.3.6.1
* kernel-firmware-amdgpu-20240728-150600.3.6.1
* ucode-amd-20240728-150600.3.6.1
* kernel-firmware-intel-20240728-150600.3.6.1
* kernel-firmware-mellanox-20240728-150600.3.6.1
* kernel-firmware-atheros-20240728-150600.3.6.1
* kernel-firmware-chelsio-20240728-150600.3.6.1
* kernel-firmware-sound-20240728-150600.3.6.1
* Basesystem Module 15-SP6 (noarch)
* kernel-firmware-marvell-20240728-150600.3.6.1
* kernel-firmware-iwlwifi-20240728-150600.3.6.1
* kernel-firmware-nfp-20240728-150600.3.6.1
* kernel-firmware-ath10k-20240728-150600.3.6.1
* kernel-firmware-ueagle-20240728-150600.3.6.1
* kernel-firmware-bluetooth-20240728-150600.3.6.1
* kernel-firmware-network-20240728-150600.3.6.1
* kernel-firmware-usb-network-20240728-150600.3.6.1
* kernel-firmware-qlogic-20240728-150600.3.6.1
* kernel-firmware-brcm-20240728-150600.3.6.1
* kernel-firmware-ti-20240728-150600.3.6.1
* kernel-firmware-mediatek-20240728-150600.3.6.1
* kernel-firmware-dpaa2-20240728-150600.3.6.1
* kernel-firmware-radeon-20240728-150600.3.6.1
* kernel-firmware-liquidio-20240728-150600.3.6.1
* kernel-firmware-ath12k-20240728-150600.3.6.1
* kernel-firmware-i915-20240728-150600.3.6.1
* kernel-firmware-serial-20240728-150600.3.6.1
* kernel-firmware-bnx2-20240728-150600.3.6.1
* kernel-firmware-ath11k-20240728-150600.3.6.1
* kernel-firmware-platform-20240728-150600.3.6.1
* kernel-firmware-prestera-20240728-150600.3.6.1
* kernel-firmware-nvidia-20240728-150600.3.6.1
* kernel-firmware-qcom-20240728-150600.3.6.1
* kernel-firmware-mwifiex-20240728-150600.3.6.1
* kernel-firmware-realtek-20240728-150600.3.6.1
* kernel-firmware-all-20240728-150600.3.6.1
* kernel-firmware-media-20240728-150600.3.6.1
* kernel-firmware-amdgpu-20240728-150600.3.6.1
* ucode-amd-20240728-150600.3.6.1
* kernel-firmware-intel-20240728-150600.3.6.1
* kernel-firmware-mellanox-20240728-150600.3.6.1
* kernel-firmware-atheros-20240728-150600.3.6.1
* kernel-firmware-chelsio-20240728-150600.3.6.1
* kernel-firmware-sound-20240728-150600.3.6.1

## References:

* https://www.suse.com/security/cve/CVE-2023-38417.html
* https://www.suse.com/security/cve/CVE-2023-47210.html
* https://bugzilla.suse.com/show_bug.cgi?id=1225600
* https://bugzilla.suse.com/show_bug.cgi?id=1225601



SUSE-SU-2024:2655-1: moderate: Security update for python-dnspython


# Security update for python-dnspython

Announcement ID: SUSE-SU-2024:2655-1
Rating: moderate
References:

* bsc#1222693

Cross-References:

* CVE-2023-29483

CVSS scores:

* CVE-2023-29483 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* Basesystem Module 15-SP5
* Basesystem Module 15-SP6
* openSUSE Leap 15.5
* openSUSE Leap Micro 5.5
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Micro for Rancher 5.3
* SUSE Linux Enterprise Micro for Rancher 5.4
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Package Hub 15 15-SP5
* SUSE Package Hub 15 15-SP6

An update that solves one vulnerability can now be installed.

## Description:

This update for python-dnspython fixes the following issues:

* CVE-2023-29483: Fixed an issue that allowed remote attackers to interfere
with DNS name resolution (bsc#1222693).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap Micro 5.5
zypper in -t patch openSUSE-Leap-Micro-5.5-2024-2655=1

* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2024-2655=1

* SUSE Linux Enterprise Micro for Rancher 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2024-2655=1

* SUSE Linux Enterprise Micro 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2024-2655=1

* SUSE Linux Enterprise Micro for Rancher 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2024-2655=1

* SUSE Linux Enterprise Micro 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2024-2655=1

* SUSE Linux Enterprise Micro 5.5
zypper in -t patch SUSE-SLE-Micro-5.5-2024-2655=1

* Basesystem Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-2655=1

* Basesystem Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-2655=1

* SUSE Package Hub 15 15-SP5
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-2655=1

* SUSE Package Hub 15 15-SP6
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-2655=1

## Package List:

* openSUSE Leap Micro 5.5 (noarch)
* python3-dnspython-1.15.0-150000.3.5.1
* openSUSE Leap 15.5 (noarch)
* python3-dnspython-1.15.0-150000.3.5.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (noarch)
* python3-dnspython-1.15.0-150000.3.5.1
* SUSE Linux Enterprise Micro 5.3 (noarch)
* python3-dnspython-1.15.0-150000.3.5.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (noarch)
* python3-dnspython-1.15.0-150000.3.5.1
* SUSE Linux Enterprise Micro 5.4 (noarch)
* python3-dnspython-1.15.0-150000.3.5.1
* SUSE Linux Enterprise Micro 5.5 (noarch)
* python3-dnspython-1.15.0-150000.3.5.1
* Basesystem Module 15-SP5 (noarch)
* python3-dnspython-1.15.0-150000.3.5.1
* Basesystem Module 15-SP6 (noarch)
* python3-dnspython-1.15.0-150000.3.5.1
* SUSE Package Hub 15 15-SP5 (noarch)
* python2-dnspython-1.15.0-150000.3.5.1
* SUSE Package Hub 15 15-SP6 (noarch)
* python2-dnspython-1.15.0-150000.3.5.1

## References:

* https://www.suse.com/security/cve/CVE-2023-29483.html
* https://bugzilla.suse.com/show_bug.cgi?id=1222693



SUSE-SU-2024:2869-1: important: Security update for ca-certificates-mozilla


# Security update for ca-certificates-mozilla

Announcement ID: SUSE-SU-2024:2869-1
Rating: important
References:

* bsc#1220356
* bsc#1227525

Affected Products:

* Basesystem Module 15-SP5
* Basesystem Module 15-SP6
* Development Tools Module 15-SP5
* Development Tools Module 15-SP6
* openSUSE Leap 15.5
* openSUSE Leap 15.6
* openSUSE Leap Micro 5.5
* SUSE Enterprise Storage 7.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise High Performance Computing 15 SP2
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise Micro 5.1
* SUSE Linux Enterprise Micro 5.2
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Micro for Rancher 5.2
* SUSE Linux Enterprise Micro for Rancher 5.3
* SUSE Linux Enterprise Micro for Rancher 5.4
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP2
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP2
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3

An update that has two security fixes can now be installed.

## Description:

This update for ca-certificates-mozilla fixes the following issues:

* Updated to 2.68 state of Mozilla SSL root CAs (bsc#1227525)
* Added: FIRMAPROFESIONAL CA ROOT-A WEB
* Distrust: GLOBALTRUST 2020

* Updated to 2.66 state of Mozilla SSL root CAs (bsc#1220356) Added:

* CommScope Public Trust ECC Root-01
* CommScope Public Trust ECC Root-02
* CommScope Public Trust RSA Root-01
* CommScope Public Trust RSA Root-02
* D-Trust SBR Root CA 1 2022
* D-Trust SBR Root CA 2 2022
* Telekom Security SMIME ECC Root 2021
* Telekom Security SMIME RSA Root 2023
* Telekom Security TLS ECC Root 2020
* Telekom Security TLS RSA Root 2023
* TrustAsia Global Root CA G3
* TrustAsia Global Root CA G4 Removed:
* Autoridad de Certificacion Firmaprofesional CIF A62634068
* Chambers of Commerce Root - 2008
* Global Chambersign Root - 2008
* Security Communication Root CA
* Symantec Class 1 Public Primary Certification Authority - G6
* Symantec Class 2 Public Primary Certification Authority - G6
* TrustCor ECA-1
* TrustCor RootCert CA-1
* TrustCor RootCert CA-2
* VeriSign Class 1 Public Primary Certification Authority - G3
* VeriSign Class 2 Public Primary Certification Authority - G3

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap Micro 5.5
zypper in -t patch openSUSE-Leap-Micro-5.5-2024-2869=1

* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2024-2869=1

* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2024-2869=1

* SUSE Linux Enterprise Micro for Rancher 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2024-2869=1

* SUSE Linux Enterprise Micro 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2024-2869=1

* SUSE Linux Enterprise Micro for Rancher 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2024-2869=1

* SUSE Linux Enterprise Micro 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2024-2869=1

* SUSE Linux Enterprise Micro 5.5
zypper in -t patch SUSE-SLE-Micro-5.5-2024-2869=1

* Basesystem Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-2869=1

* Basesystem Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-2869=1

* Development Tools Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2024-2869=1

* Development Tools Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2024-2869=1

* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-2869=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-2869=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-2869=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-2869=1

* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-2869=1

* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-2869=1

* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-2869=1

* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-2869=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP2
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-2869=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP3
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-2869=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP4
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-2869=1

* SUSE Manager Proxy 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-2869=1

* SUSE Manager Retail Branch Server 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-2024-2869=1

* SUSE Manager Server 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-2869=1

* SUSE Enterprise Storage 7.1
zypper in -t patch SUSE-Storage-7.1-2024-2869=1

* SUSE Linux Enterprise Micro 5.1
zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-2869=1

* SUSE Linux Enterprise Micro 5.2
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-2869=1

* SUSE Linux Enterprise Micro for Rancher 5.2
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-2869=1

## Package List:

* openSUSE Leap Micro 5.5 (noarch)
* ca-certificates-mozilla-2.68-150200.33.1
* openSUSE Leap 15.5 (noarch)
* ca-certificates-mozilla-prebuilt-2.68-150200.33.1
* ca-certificates-mozilla-2.68-150200.33.1
* openSUSE Leap 15.6 (noarch)
* ca-certificates-mozilla-prebuilt-2.68-150200.33.1
* ca-certificates-mozilla-2.68-150200.33.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (noarch)
* ca-certificates-mozilla-2.68-150200.33.1
* SUSE Linux Enterprise Micro 5.3 (noarch)
* ca-certificates-mozilla-2.68-150200.33.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (noarch)
* ca-certificates-mozilla-2.68-150200.33.1
* SUSE Linux Enterprise Micro 5.4 (noarch)
* ca-certificates-mozilla-2.68-150200.33.1
* SUSE Linux Enterprise Micro 5.5 (noarch)
* ca-certificates-mozilla-2.68-150200.33.1
* Basesystem Module 15-SP5 (noarch)
* ca-certificates-mozilla-2.68-150200.33.1
* Basesystem Module 15-SP6 (noarch)
* ca-certificates-mozilla-2.68-150200.33.1
* Development Tools Module 15-SP5 (noarch)
* ca-certificates-mozilla-prebuilt-2.68-150200.33.1
* Development Tools Module 15-SP6 (noarch)
* ca-certificates-mozilla-prebuilt-2.68-150200.33.1
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (noarch)
* ca-certificates-mozilla-prebuilt-2.68-150200.33.1
* ca-certificates-mozilla-2.68-150200.33.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch)
* ca-certificates-mozilla-prebuilt-2.68-150200.33.1
* ca-certificates-mozilla-2.68-150200.33.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
* ca-certificates-mozilla-prebuilt-2.68-150200.33.1
* ca-certificates-mozilla-2.68-150200.33.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
* ca-certificates-mozilla-prebuilt-2.68-150200.33.1
* ca-certificates-mozilla-2.68-150200.33.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (noarch)
* ca-certificates-mozilla-prebuilt-2.68-150200.33.1
* ca-certificates-mozilla-2.68-150200.33.1
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (noarch)
* ca-certificates-mozilla-prebuilt-2.68-150200.33.1
* ca-certificates-mozilla-2.68-150200.33.1
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch)
* ca-certificates-mozilla-prebuilt-2.68-150200.33.1
* ca-certificates-mozilla-2.68-150200.33.1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch)
* ca-certificates-mozilla-prebuilt-2.68-150200.33.1
* ca-certificates-mozilla-2.68-150200.33.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP2 (noarch)
* ca-certificates-mozilla-prebuilt-2.68-150200.33.1
* ca-certificates-mozilla-2.68-150200.33.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch)
* ca-certificates-mozilla-prebuilt-2.68-150200.33.1
* ca-certificates-mozilla-2.68-150200.33.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch)
* ca-certificates-mozilla-prebuilt-2.68-150200.33.1
* ca-certificates-mozilla-2.68-150200.33.1
* SUSE Manager Proxy 4.3 (noarch)
* ca-certificates-mozilla-2.68-150200.33.1
* SUSE Manager Retail Branch Server 4.3 (noarch)
* ca-certificates-mozilla-2.68-150200.33.1
* SUSE Manager Server 4.3 (noarch)
* ca-certificates-mozilla-2.68-150200.33.1
* SUSE Enterprise Storage 7.1 (noarch)
* ca-certificates-mozilla-prebuilt-2.68-150200.33.1
* ca-certificates-mozilla-2.68-150200.33.1
* SUSE Linux Enterprise Micro 5.1 (noarch)
* ca-certificates-mozilla-2.68-150200.33.1
* SUSE Linux Enterprise Micro 5.2 (noarch)
* ca-certificates-mozilla-prebuilt-2.68-150200.33.1
* ca-certificates-mozilla-2.68-150200.33.1
* SUSE Linux Enterprise Micro for Rancher 5.2 (noarch)
* ca-certificates-mozilla-prebuilt-2.68-150200.33.1
* ca-certificates-mozilla-2.68-150200.33.1

## References:

* https://bugzilla.suse.com/show_bug.cgi?id=1220356
* https://bugzilla.suse.com/show_bug.cgi?id=1227525



SUSE-SU-2024:2658-1: important: Security update for shadow


# Security update for shadow

Announcement ID: SUSE-SU-2024:2658-1
Rating: important
References:

* bsc#916845

Cross-References:

* CVE-2013-4235

CVSS scores:

* CVE-2013-4235 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
* CVE-2013-4235 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N

Affected Products:

* Basesystem Module 15-SP5
* openSUSE Leap 15.4
* openSUSE Leap 15.5
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro for Rancher 5.3
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3

An update that solves one vulnerability can now be installed.

## Description:

This update for shadow fixes the following issues:

* CVE-2013-4235: Fixed a race condition when copying and removing directory
trees (bsc#916845).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* Basesystem Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-2658=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-2658=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-2658=1

* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-2658=1

* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-2658=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP4
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-2658=1

* SUSE Manager Proxy 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-2658=1

* SUSE Manager Retail Branch Server 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-2024-2658=1

* SUSE Manager Server 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-2658=1

* openSUSE Leap 15.4
zypper in -t patch SUSE-2024-2658=1

* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2024-2658=1

* SUSE Linux Enterprise Micro for Rancher 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2024-2658=1

* SUSE Linux Enterprise Micro 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2024-2658=1

## Package List:

* Basesystem Module 15-SP5 (noarch)
* login_defs-4.8.1-150400.10.18.1
* Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64)
* shadow-debugsource-4.8.1-150400.10.18.1
* shadow-debuginfo-4.8.1-150400.10.18.1
* shadow-4.8.1-150400.10.18.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
* login_defs-4.8.1-150400.10.18.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
x86_64)
* shadow-debugsource-4.8.1-150400.10.18.1
* shadow-debuginfo-4.8.1-150400.10.18.1
* shadow-4.8.1-150400.10.18.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
* login_defs-4.8.1-150400.10.18.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
x86_64)
* shadow-debugsource-4.8.1-150400.10.18.1
* shadow-debuginfo-4.8.1-150400.10.18.1
* shadow-4.8.1-150400.10.18.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (noarch)
* login_defs-4.8.1-150400.10.18.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64)
* shadow-debugsource-4.8.1-150400.10.18.1
* shadow-debuginfo-4.8.1-150400.10.18.1
* shadow-4.8.1-150400.10.18.1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch)
* login_defs-4.8.1-150400.10.18.1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x
x86_64)
* shadow-debugsource-4.8.1-150400.10.18.1
* shadow-debuginfo-4.8.1-150400.10.18.1
* shadow-4.8.1-150400.10.18.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch)
* login_defs-4.8.1-150400.10.18.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
* shadow-debugsource-4.8.1-150400.10.18.1
* shadow-debuginfo-4.8.1-150400.10.18.1
* shadow-4.8.1-150400.10.18.1
* SUSE Manager Proxy 4.3 (noarch)
* login_defs-4.8.1-150400.10.18.1
* SUSE Manager Proxy 4.3 (x86_64)
* shadow-debugsource-4.8.1-150400.10.18.1
* shadow-debuginfo-4.8.1-150400.10.18.1
* shadow-4.8.1-150400.10.18.1
* SUSE Manager Retail Branch Server 4.3 (noarch)
* login_defs-4.8.1-150400.10.18.1
* SUSE Manager Retail Branch Server 4.3 (x86_64)
* shadow-debugsource-4.8.1-150400.10.18.1
* shadow-debuginfo-4.8.1-150400.10.18.1
* shadow-4.8.1-150400.10.18.1
* SUSE Manager Server 4.3 (noarch)
* login_defs-4.8.1-150400.10.18.1
* SUSE Manager Server 4.3 (ppc64le s390x x86_64)
* shadow-debugsource-4.8.1-150400.10.18.1
* shadow-debuginfo-4.8.1-150400.10.18.1
* shadow-4.8.1-150400.10.18.1
* openSUSE Leap 15.4 (noarch)
* login_defs-4.8.1-150400.10.18.1
* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
* shadow-debugsource-4.8.1-150400.10.18.1
* shadow-debuginfo-4.8.1-150400.10.18.1
* shadow-4.8.1-150400.10.18.1
* openSUSE Leap 15.5 (noarch)
* login_defs-4.8.1-150400.10.18.1
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
* shadow-debugsource-4.8.1-150400.10.18.1
* shadow-debuginfo-4.8.1-150400.10.18.1
* shadow-4.8.1-150400.10.18.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (noarch)
* login_defs-4.8.1-150400.10.18.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
* shadow-debugsource-4.8.1-150400.10.18.1
* shadow-debuginfo-4.8.1-150400.10.18.1
* shadow-4.8.1-150400.10.18.1
* SUSE Linux Enterprise Micro 5.3 (noarch)
* login_defs-4.8.1-150400.10.18.1
* SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
* shadow-debugsource-4.8.1-150400.10.18.1
* shadow-debuginfo-4.8.1-150400.10.18.1
* shadow-4.8.1-150400.10.18.1

## References:

* https://www.suse.com/security/cve/CVE-2013-4235.html
* https://bugzilla.suse.com/show_bug.cgi?id=916845



SUSE-SU-2024:2663-1: important: Security update for orc


# Security update for orc

Announcement ID: SUSE-SU-2024:2663-1
Rating: important
References:

* bsc#1228184

Cross-References:

* CVE-2024-40897

CVSS scores:

* CVE-2024-40897 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected Products:

* Basesystem Module 15-SP5
* Basesystem Module 15-SP6
* openSUSE Leap 15.5
* openSUSE Leap 15.6
* openSUSE Leap Micro 5.5
* SUSE Enterprise Storage 7.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise High Performance Computing 15 SP2
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise Micro 5.2
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Micro for Rancher 5.2
* SUSE Linux Enterprise Micro for Rancher 5.3
* SUSE Linux Enterprise Micro for Rancher 5.4
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP2
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP2
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3
* SUSE Package Hub 15 15-SP5
* SUSE Package Hub 15 15-SP6

An update that solves one vulnerability can now be installed.

## Description:

This update for orc fixes the following issues:

* CVE-2024-40897: Fixed stack-based buffer overflow in the orc compiler when
formatting error messages for certain input files (bsc#1228184)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap Micro 5.5
zypper in -t patch openSUSE-Leap-Micro-5.5-2024-2663=1

* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2024-2663=1

* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2024-2663=1

* SUSE Linux Enterprise Micro for Rancher 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2024-2663=1

* SUSE Linux Enterprise Micro 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2024-2663=1

* SUSE Linux Enterprise Micro for Rancher 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2024-2663=1

* SUSE Linux Enterprise Micro 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2024-2663=1

* SUSE Linux Enterprise Micro 5.5
zypper in -t patch SUSE-SLE-Micro-5.5-2024-2663=1

* Basesystem Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-2663=1

* Basesystem Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-2663=1

* SUSE Package Hub 15 15-SP5
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-2663=1

* SUSE Package Hub 15 15-SP6
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-2663=1

* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-2663=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-2663=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-2663=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-2663=1

* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-2663=1

* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-2663=1

* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-2663=1

* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-2663=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP2
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-2663=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP3
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-2663=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP4
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-2663=1

* SUSE Manager Proxy 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-2663=1

* SUSE Manager Retail Branch Server 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-2024-2663=1

* SUSE Manager Server 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-2663=1

* SUSE Enterprise Storage 7.1
zypper in -t patch SUSE-Storage-7.1-2024-2663=1

* SUSE Linux Enterprise Micro 5.2
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-2663=1

* SUSE Linux Enterprise Micro for Rancher 5.2
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-2663=1

## Package List:

* openSUSE Leap Micro 5.5 (aarch64 s390x x86_64)
* orc-debuginfo-0.4.28-150000.3.6.1
* liborc-0_4-0-0.4.28-150000.3.6.1
* liborc-0_4-0-debuginfo-0.4.28-150000.3.6.1
* orc-debugsource-0.4.28-150000.3.6.1
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
* orc-debuginfo-0.4.28-150000.3.6.1
* liborc-0_4-0-0.4.28-150000.3.6.1
* orc-doc-0.4.28-150000.3.6.1
* orc-0.4.28-150000.3.6.1
* liborc-0_4-0-debuginfo-0.4.28-150000.3.6.1
* orc-debugsource-0.4.28-150000.3.6.1
* openSUSE Leap 15.5 (x86_64)
* liborc-0_4-0-32bit-0.4.28-150000.3.6.1
* liborc-0_4-0-32bit-debuginfo-0.4.28-150000.3.6.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
* orc-debuginfo-0.4.28-150000.3.6.1
* liborc-0_4-0-0.4.28-150000.3.6.1
* orc-doc-0.4.28-150000.3.6.1
* orc-0.4.28-150000.3.6.1
* liborc-0_4-0-debuginfo-0.4.28-150000.3.6.1
* orc-debugsource-0.4.28-150000.3.6.1
* openSUSE Leap 15.6 (x86_64)
* liborc-0_4-0-32bit-0.4.28-150000.3.6.1
* liborc-0_4-0-32bit-debuginfo-0.4.28-150000.3.6.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
* orc-debuginfo-0.4.28-150000.3.6.1
* liborc-0_4-0-0.4.28-150000.3.6.1
* liborc-0_4-0-debuginfo-0.4.28-150000.3.6.1
* orc-debugsource-0.4.28-150000.3.6.1
* SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
* orc-debuginfo-0.4.28-150000.3.6.1
* liborc-0_4-0-0.4.28-150000.3.6.1
* liborc-0_4-0-debuginfo-0.4.28-150000.3.6.1
* orc-debugsource-0.4.28-150000.3.6.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
* orc-debuginfo-0.4.28-150000.3.6.1
* liborc-0_4-0-0.4.28-150000.3.6.1
* liborc-0_4-0-debuginfo-0.4.28-150000.3.6.1
* orc-debugsource-0.4.28-150000.3.6.1
* SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
* orc-debuginfo-0.4.28-150000.3.6.1
* liborc-0_4-0-0.4.28-150000.3.6.1
* liborc-0_4-0-debuginfo-0.4.28-150000.3.6.1
* orc-debugsource-0.4.28-150000.3.6.1
* SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
* orc-debuginfo-0.4.28-150000.3.6.1
* liborc-0_4-0-0.4.28-150000.3.6.1
* liborc-0_4-0-debuginfo-0.4.28-150000.3.6.1
* orc-debugsource-0.4.28-150000.3.6.1
* Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64)
* orc-debuginfo-0.4.28-150000.3.6.1
* liborc-0_4-0-0.4.28-150000.3.6.1
* orc-0.4.28-150000.3.6.1
* liborc-0_4-0-debuginfo-0.4.28-150000.3.6.1
* orc-debugsource-0.4.28-150000.3.6.1
* Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* orc-debuginfo-0.4.28-150000.3.6.1
* liborc-0_4-0-0.4.28-150000.3.6.1
* orc-0.4.28-150000.3.6.1
* liborc-0_4-0-debuginfo-0.4.28-150000.3.6.1
* orc-debugsource-0.4.28-150000.3.6.1
* SUSE Package Hub 15 15-SP5 (x86_64)
* liborc-0_4-0-32bit-0.4.28-150000.3.6.1
* liborc-0_4-0-32bit-debuginfo-0.4.28-150000.3.6.1
* SUSE Package Hub 15 15-SP6 (x86_64)
* liborc-0_4-0-32bit-0.4.28-150000.3.6.1
* liborc-0_4-0-32bit-debuginfo-0.4.28-150000.3.6.1
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64
x86_64)
* orc-debuginfo-0.4.28-150000.3.6.1
* liborc-0_4-0-0.4.28-150000.3.6.1
* orc-0.4.28-150000.3.6.1
* liborc-0_4-0-debuginfo-0.4.28-150000.3.6.1
* orc-debugsource-0.4.28-150000.3.6.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
x86_64)
* orc-debuginfo-0.4.28-150000.3.6.1
* liborc-0_4-0-0.4.28-150000.3.6.1
* orc-0.4.28-150000.3.6.1
* liborc-0_4-0-debuginfo-0.4.28-150000.3.6.1
* orc-debugsource-0.4.28-150000.3.6.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
x86_64)
* orc-debuginfo-0.4.28-150000.3.6.1
* liborc-0_4-0-0.4.28-150000.3.6.1
* orc-0.4.28-150000.3.6.1
* liborc-0_4-0-debuginfo-0.4.28-150000.3.6.1
* orc-debugsource-0.4.28-150000.3.6.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
x86_64)
* orc-debuginfo-0.4.28-150000.3.6.1
* liborc-0_4-0-0.4.28-150000.3.6.1
* orc-0.4.28-150000.3.6.1
* liborc-0_4-0-debuginfo-0.4.28-150000.3.6.1
* orc-debugsource-0.4.28-150000.3.6.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64)
* orc-debuginfo-0.4.28-150000.3.6.1
* liborc-0_4-0-0.4.28-150000.3.6.1
* orc-0.4.28-150000.3.6.1
* liborc-0_4-0-debuginfo-0.4.28-150000.3.6.1
* orc-debugsource-0.4.28-150000.3.6.1
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x
x86_64)
* orc-debuginfo-0.4.28-150000.3.6.1
* liborc-0_4-0-0.4.28-150000.3.6.1
* orc-0.4.28-150000.3.6.1
* liborc-0_4-0-debuginfo-0.4.28-150000.3.6.1
* orc-debugsource-0.4.28-150000.3.6.1
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x
x86_64)
* orc-debuginfo-0.4.28-150000.3.6.1
* liborc-0_4-0-0.4.28-150000.3.6.1
* orc-0.4.28-150000.3.6.1
* liborc-0_4-0-debuginfo-0.4.28-150000.3.6.1
* orc-debugsource-0.4.28-150000.3.6.1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x
x86_64)
* orc-debuginfo-0.4.28-150000.3.6.1
* liborc-0_4-0-0.4.28-150000.3.6.1
* orc-0.4.28-150000.3.6.1
* liborc-0_4-0-debuginfo-0.4.28-150000.3.6.1
* orc-debugsource-0.4.28-150000.3.6.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64)
* orc-debuginfo-0.4.28-150000.3.6.1
* liborc-0_4-0-0.4.28-150000.3.6.1
* orc-0.4.28-150000.3.6.1
* liborc-0_4-0-debuginfo-0.4.28-150000.3.6.1
* orc-debugsource-0.4.28-150000.3.6.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
* orc-debuginfo-0.4.28-150000.3.6.1
* liborc-0_4-0-0.4.28-150000.3.6.1
* orc-0.4.28-150000.3.6.1
* liborc-0_4-0-debuginfo-0.4.28-150000.3.6.1
* orc-debugsource-0.4.28-150000.3.6.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
* orc-debuginfo-0.4.28-150000.3.6.1
* liborc-0_4-0-0.4.28-150000.3.6.1
* orc-0.4.28-150000.3.6.1
* liborc-0_4-0-debuginfo-0.4.28-150000.3.6.1
* orc-debugsource-0.4.28-150000.3.6.1
* SUSE Manager Proxy 4.3 (x86_64)
* orc-debuginfo-0.4.28-150000.3.6.1
* liborc-0_4-0-0.4.28-150000.3.6.1
* orc-0.4.28-150000.3.6.1
* liborc-0_4-0-debuginfo-0.4.28-150000.3.6.1
* orc-debugsource-0.4.28-150000.3.6.1
* SUSE Manager Retail Branch Server 4.3 (x86_64)
* orc-debuginfo-0.4.28-150000.3.6.1
* liborc-0_4-0-0.4.28-150000.3.6.1
* orc-0.4.28-150000.3.6.1
* liborc-0_4-0-debuginfo-0.4.28-150000.3.6.1
* orc-debugsource-0.4.28-150000.3.6.1
* SUSE Manager Server 4.3 (ppc64le s390x x86_64)
* orc-debuginfo-0.4.28-150000.3.6.1
* liborc-0_4-0-0.4.28-150000.3.6.1
* orc-0.4.28-150000.3.6.1
* liborc-0_4-0-debuginfo-0.4.28-150000.3.6.1
* orc-debugsource-0.4.28-150000.3.6.1
* SUSE Enterprise Storage 7.1 (aarch64 x86_64)
* orc-debuginfo-0.4.28-150000.3.6.1
* liborc-0_4-0-0.4.28-150000.3.6.1
* orc-0.4.28-150000.3.6.1
* liborc-0_4-0-debuginfo-0.4.28-150000.3.6.1
* orc-debugsource-0.4.28-150000.3.6.1
* SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64)
* orc-debuginfo-0.4.28-150000.3.6.1
* liborc-0_4-0-0.4.28-150000.3.6.1
* liborc-0_4-0-debuginfo-0.4.28-150000.3.6.1
* orc-debugsource-0.4.28-150000.3.6.1
* SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64)
* orc-debuginfo-0.4.28-150000.3.6.1
* liborc-0_4-0-0.4.28-150000.3.6.1
* liborc-0_4-0-debuginfo-0.4.28-150000.3.6.1
* orc-debugsource-0.4.28-150000.3.6.1

## References:

* https://www.suse.com/security/cve/CVE-2024-40897.html
* https://bugzilla.suse.com/show_bug.cgi?id=1228184