SUSE 5149 Published by

The following security updates are available for openSUSE Leap and SUSE Linux Enterprise:

SUSE-SU-2024:1368-1: important: Security update for shim
SUSE-SU-2024:1365-1: moderate: Security update for apache-commons-configuration2
SUSE-SU-2024:1347-1: important: Security update for wireshark
SUSE-SU-2024:1350-1: important: Security update for MozillaFirefox
SUSE-SU-2024:1351-1: low: Security update for graphviz
SUSE-SU-2024:1340-1: important: Security update for pgadmin4
SUSE-SU-2024:1345-1: important: Security update for tomcat
SUSE-SU-2024:1332-2: important: Security update for the Linux Kernel
SUSE-SU-2024:1322-2: important: Security update for the Linux Kernel
SUSE-SU-2024:1332-1: important: Security update for the Linux Kernel




SUSE-SU-2024:1368-1: important: Security update for shim


# Security update for shim

Announcement ID: SUSE-SU-2024:1368-1
Rating: important
References:

* bsc#1198101
* bsc#1205588
* bsc#1205855
* bsc#1210382
* bsc#1213945
* bsc#1215098
* bsc#1215099
* bsc#1215100
* bsc#1215101
* bsc#1215102
* bsc#1215103
* bsc#1219460
* jsc#PED-922

Cross-References:

* CVE-2022-28737
* CVE-2023-40546
* CVE-2023-40547
* CVE-2023-40548
* CVE-2023-40549
* CVE-2023-40550
* CVE-2023-40551

CVSS scores:

* CVE-2022-28737 ( SUSE ): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-28737 ( NVD ): 6.5 CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H
* CVE-2023-40546 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-40546 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-40547 ( SUSE ): 7.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
* CVE-2023-40547 ( NVD ): 8.3 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
* CVE-2023-40548 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-40548 ( NVD ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-40549 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-40549 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-40550 ( SUSE ): 4.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H
* CVE-2023-40550 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2023-40551 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-40551 ( NVD ): 5.1 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:H

Affected Products:

* Basesystem Module 15-SP5
* openSUSE Leap 15.3
* openSUSE Leap 15.5
* openSUSE Leap Micro 5.3
* openSUSE Leap Micro 5.4
* SUSE Enterprise Storage 7.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise Micro 5.1
* SUSE Linux Enterprise Micro 5.2
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Micro for Rancher 5.2
* SUSE Linux Enterprise Micro for Rancher 5.3
* SUSE Linux Enterprise Micro for Rancher 5.4
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3

An update that solves seven vulnerabilities, contains one feature and has five
security fixes can now be installed.

## Description:

This update for shim fixes the following issues:

* Update shim-install to set the TPM2 SRK algorithm (bsc#1213945)
* Limit the requirement of fde-tpm-helper-macros to the distro with
suse_version 1600 and above (bsc#1219460)

Update to version 15.8:

Security issues fixed:

* mok: fix LogError() invocation (bsc#1215099,CVE-2023-40546)
* avoid incorrectly trusting HTTP headers (bsc#1215098,CVE-2023-40547)
* Fix integer overflow on SBAT section size on 32-bit system
(bsc#1215100,CVE-2023-40548)
* Authenticode: verify that the signature header is in bounds
(bsc#1215101,CVE-2023-40549)
* pe: Fix an out-of-bound read in verify_buffer_sbat()
(bsc#1215102,CVE-2023-40550)
* pe-relocate: Fix bounds check for MZ binaries (bsc#1215103,CVE-2023-40551)

The NX flag is disable which is same as the default value of shim-15.8, hence,
not need to enable it by this patch now.

* Generate dbx during build so we don't include binary files in sources
* Don't require grub so shim can still be used with systemd-boot
* Update shim-install to fix boot failure of ext4 root file system on RAID10
(bsc#1205855)
* Adopt the macros from fde-tpm-helper-macros to update the signature in the
sealed key after a bootloader upgrade

* Update shim-install to amend full disk encryption support

* Adopt TPM 2.0 Key File for grub2 TPM 2.0 protector
* Use the long name to specify the grub2 key protector
* cryptodisk: support TPM authorized policies
* Do not use tpm_record_pcrs unless the command is in command.lst

* Removed POST_PROCESS_PE_FLAGS=-N from the build command in shim.spec to
enable the NX compatibility flag when using post-process-pe after discussed
with grub2 experts in mail. It's useful for further development and testing.
(bsc#1205588)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.3
zypper in -t patch SUSE-2024-1368=1

* openSUSE Leap Micro 5.3
zypper in -t patch openSUSE-Leap-Micro-5.3-2024-1368=1

* openSUSE Leap Micro 5.4
zypper in -t patch openSUSE-Leap-Micro-5.4-2024-1368=1

* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2024-1368=1

* SUSE Linux Enterprise Micro for Rancher 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2024-1368=1

* SUSE Linux Enterprise Micro 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2024-1368=1

* SUSE Linux Enterprise Micro for Rancher 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2024-1368=1

* SUSE Linux Enterprise Micro 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2024-1368=1

* SUSE Linux Enterprise Micro 5.5
zypper in -t patch SUSE-SLE-Micro-5.5-2024-1368=1

* Basesystem Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-1368=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-1368=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-1368=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-1368=1

* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-1368=1

* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-1368=1

* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-1368=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP3
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-1368=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP4
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-1368=1

* SUSE Manager Proxy 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-1368=1

* SUSE Manager Retail Branch Server 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-2024-1368=1

* SUSE Manager Server 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-1368=1

* SUSE Enterprise Storage 7.1
zypper in -t patch SUSE-Storage-7.1-2024-1368=1

* SUSE Linux Enterprise Micro 5.1
zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-1368=1

* SUSE Linux Enterprise Micro 5.2
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-1368=1

* SUSE Linux Enterprise Micro for Rancher 5.2
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-1368=1

## Package List:

* openSUSE Leap 15.3 (aarch64 x86_64 i586)
* efitools-debugsource-1.9.2-150300.7.3.1
* efitools-debuginfo-1.9.2-150300.7.3.1
* efitools-1.9.2-150300.7.3.1
* openSUSE Leap 15.3 (aarch64 x86_64)
* shim-debugsource-15.8-150300.4.20.2
* shim-debuginfo-15.8-150300.4.20.2
* shim-15.8-150300.4.20.2
* openSUSE Leap Micro 5.3 (aarch64 x86_64)
* shim-debugsource-15.8-150300.4.20.2
* shim-debuginfo-15.8-150300.4.20.2
* shim-15.8-150300.4.20.2
* openSUSE Leap Micro 5.4 (aarch64 x86_64)
* shim-debugsource-15.8-150300.4.20.2
* shim-debuginfo-15.8-150300.4.20.2
* shim-15.8-150300.4.20.2
* openSUSE Leap 15.5 (aarch64 x86_64)
* shim-debugsource-15.8-150300.4.20.2
* shim-debuginfo-15.8-150300.4.20.2
* shim-15.8-150300.4.20.2
* SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 x86_64)
* shim-debugsource-15.8-150300.4.20.2
* shim-debuginfo-15.8-150300.4.20.2
* shim-15.8-150300.4.20.2
* SUSE Linux Enterprise Micro 5.3 (aarch64 x86_64)
* shim-debugsource-15.8-150300.4.20.2
* shim-debuginfo-15.8-150300.4.20.2
* shim-15.8-150300.4.20.2
* SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 x86_64)
* shim-debugsource-15.8-150300.4.20.2
* shim-debuginfo-15.8-150300.4.20.2
* shim-15.8-150300.4.20.2
* SUSE Linux Enterprise Micro 5.4 (aarch64 x86_64)
* shim-debugsource-15.8-150300.4.20.2
* shim-debuginfo-15.8-150300.4.20.2
* shim-15.8-150300.4.20.2
* SUSE Linux Enterprise Micro 5.5 (aarch64 x86_64)
* shim-debugsource-15.8-150300.4.20.2
* shim-debuginfo-15.8-150300.4.20.2
* shim-15.8-150300.4.20.2
* Basesystem Module 15-SP5 (aarch64 x86_64)
* shim-debugsource-15.8-150300.4.20.2
* shim-debuginfo-15.8-150300.4.20.2
* shim-15.8-150300.4.20.2
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
x86_64)
* shim-debugsource-15.8-150300.4.20.2
* shim-debuginfo-15.8-150300.4.20.2
* shim-15.8-150300.4.20.2
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
x86_64)
* shim-debugsource-15.8-150300.4.20.2
* shim-debuginfo-15.8-150300.4.20.2
* shim-15.8-150300.4.20.2
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
x86_64)
* shim-debugsource-15.8-150300.4.20.2
* shim-debuginfo-15.8-150300.4.20.2
* shim-15.8-150300.4.20.2
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64)
* shim-debugsource-15.8-150300.4.20.2
* shim-debuginfo-15.8-150300.4.20.2
* shim-15.8-150300.4.20.2
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 x86_64)
* shim-debugsource-15.8-150300.4.20.2
* shim-debuginfo-15.8-150300.4.20.2
* shim-15.8-150300.4.20.2
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 x86_64)
* shim-debugsource-15.8-150300.4.20.2
* shim-debuginfo-15.8-150300.4.20.2
* shim-15.8-150300.4.20.2
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (x86_64)
* shim-debugsource-15.8-150300.4.20.2
* shim-debuginfo-15.8-150300.4.20.2
* shim-15.8-150300.4.20.2
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64)
* shim-debugsource-15.8-150300.4.20.2
* shim-debuginfo-15.8-150300.4.20.2
* shim-15.8-150300.4.20.2
* SUSE Manager Proxy 4.3 (x86_64)
* shim-debugsource-15.8-150300.4.20.2
* shim-debuginfo-15.8-150300.4.20.2
* shim-15.8-150300.4.20.2
* SUSE Manager Retail Branch Server 4.3 (x86_64)
* shim-debugsource-15.8-150300.4.20.2
* shim-debuginfo-15.8-150300.4.20.2
* shim-15.8-150300.4.20.2
* SUSE Manager Server 4.3 (x86_64)
* shim-debugsource-15.8-150300.4.20.2
* shim-debuginfo-15.8-150300.4.20.2
* shim-15.8-150300.4.20.2
* SUSE Enterprise Storage 7.1 (aarch64 x86_64)
* shim-debugsource-15.8-150300.4.20.2
* shim-debuginfo-15.8-150300.4.20.2
* shim-15.8-150300.4.20.2
* SUSE Linux Enterprise Micro 5.1 (aarch64 x86_64)
* shim-debugsource-15.8-150300.4.20.2
* shim-debuginfo-15.8-150300.4.20.2
* shim-15.8-150300.4.20.2
* SUSE Linux Enterprise Micro 5.2 (aarch64 x86_64)
* shim-debugsource-15.8-150300.4.20.2
* shim-debuginfo-15.8-150300.4.20.2
* shim-15.8-150300.4.20.2
* SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 x86_64)
* shim-debugsource-15.8-150300.4.20.2
* shim-debuginfo-15.8-150300.4.20.2
* shim-15.8-150300.4.20.2

## References:

* https://www.suse.com/security/cve/CVE-2022-28737.html
* https://www.suse.com/security/cve/CVE-2023-40546.html
* https://www.suse.com/security/cve/CVE-2023-40547.html
* https://www.suse.com/security/cve/CVE-2023-40548.html
* https://www.suse.com/security/cve/CVE-2023-40549.html
* https://www.suse.com/security/cve/CVE-2023-40550.html
* https://www.suse.com/security/cve/CVE-2023-40551.html
* https://bugzilla.suse.com/show_bug.cgi?id=1198101
* https://bugzilla.suse.com/show_bug.cgi?id=1205588
* https://bugzilla.suse.com/show_bug.cgi?id=1205855
* https://bugzilla.suse.com/show_bug.cgi?id=1210382
* https://bugzilla.suse.com/show_bug.cgi?id=1213945
* https://bugzilla.suse.com/show_bug.cgi?id=1215098
* https://bugzilla.suse.com/show_bug.cgi?id=1215099
* https://bugzilla.suse.com/show_bug.cgi?id=1215100
* https://bugzilla.suse.com/show_bug.cgi?id=1215101
* https://bugzilla.suse.com/show_bug.cgi?id=1215102
* https://bugzilla.suse.com/show_bug.cgi?id=1215103
* https://bugzilla.suse.com/show_bug.cgi?id=1219460
* https://jira.suse.com/browse/PED-922



SUSE-SU-2024:1365-1: moderate: Security update for apache-commons-configuration2


# Security update for apache-commons-configuration2

Announcement ID: SUSE-SU-2024:1365-1
Rating: moderate
References:

* bsc#1221793
* bsc#1221797

Cross-References:

* CVE-2024-29131
* CVE-2024-29133

CVSS scores:

* CVE-2024-29131 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
* CVE-2024-29133 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L

Affected Products:

* Development Tools Module 15-SP5
* openSUSE Leap 15.5
* SUSE Enterprise Storage 7.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise High Performance Computing 15 SP2
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP2
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP2
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5

An update that solves two vulnerabilities can now be installed.

## Description:

This update for apache-commons-configuration2 fixes the following issues:

* CVE-2024-29131: Fixed StackOverflowError adding property in
AbstractListDelimiterHandler.flattenIterator() (bsc#1221797).
* CVE-2024-29133: Fixed StackOverflowError calling
ListDelimiterHandler.flatten(Object, int) with a cyclical object tree
(bsc#1221793).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2024-1365=1

* Development Tools Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2024-1365=1

* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-1365=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-1365=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-1365=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-1365=1

* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-1365=1

* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-1365=1

* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-1365=1

* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-1365=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP2
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-1365=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP3
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-1365=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP4
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-1365=1

* SUSE Enterprise Storage 7.1
zypper in -t patch SUSE-Storage-7.1-2024-1365=1

## Package List:

* openSUSE Leap 15.5 (noarch)
* apache-commons-configuration2-2.10.1-150200.5.8.1
* apache-commons-configuration2-javadoc-2.10.1-150200.5.8.1
* Development Tools Module 15-SP5 (noarch)
* apache-commons-configuration2-2.10.1-150200.5.8.1
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (noarch)
* apache-commons-configuration2-2.10.1-150200.5.8.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch)
* apache-commons-configuration2-2.10.1-150200.5.8.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
* apache-commons-configuration2-2.10.1-150200.5.8.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
* apache-commons-configuration2-2.10.1-150200.5.8.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (noarch)
* apache-commons-configuration2-2.10.1-150200.5.8.1
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (noarch)
* apache-commons-configuration2-2.10.1-150200.5.8.1
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch)
* apache-commons-configuration2-2.10.1-150200.5.8.1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch)
* apache-commons-configuration2-2.10.1-150200.5.8.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP2 (noarch)
* apache-commons-configuration2-2.10.1-150200.5.8.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch)
* apache-commons-configuration2-2.10.1-150200.5.8.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch)
* apache-commons-configuration2-2.10.1-150200.5.8.1
* SUSE Enterprise Storage 7.1 (noarch)
* apache-commons-configuration2-2.10.1-150200.5.8.1

## References:

* https://www.suse.com/security/cve/CVE-2024-29131.html
* https://www.suse.com/security/cve/CVE-2024-29133.html
* https://bugzilla.suse.com/show_bug.cgi?id=1221793
* https://bugzilla.suse.com/show_bug.cgi?id=1221797



SUSE-SU-2024:1347-1: important: Security update for wireshark


# Security update for wireshark

Announcement ID: SUSE-SU-2024:1347-1
Rating: important
References:

* bsc#1220181

Cross-References:

* CVE-2024-24476

CVSS scores:

* CVE-2024-24476 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* Basesystem Module 15-SP5
* Desktop Applications Module 15-SP5
* openSUSE Leap 15.5
* SUSE Enterprise Storage 7.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise High Performance Computing 15 SP2
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP2
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP2
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3

An update that solves one vulnerability can now be installed.

## Description:

This update for wireshark fixes the following issues:

Security fixes:

* CVE-2024-24476: Fixed a denial of service in ws_manuf_lookup_str()
(bsc#1220181)

Other fixes:

* Wireshark 3.6.22:
* Further features, bug fixes and updated protocol support as listed in:
https://www.wireshark.org/docs/relnotes/wireshark-3.6.22.html

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2024-1347=1

* Basesystem Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-1347=1

* Desktop Applications Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP5-2024-1347=1

* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-1347=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-1347=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-1347=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-1347=1

* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-1347=1

* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-1347=1

* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-1347=1

* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-1347=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP2
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-1347=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP3
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-1347=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP4
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-1347=1

* SUSE Manager Proxy 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-1347=1

* SUSE Manager Retail Branch Server 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-2024-1347=1

* SUSE Manager Server 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-1347=1

* SUSE Enterprise Storage 7.1
zypper in -t patch SUSE-Storage-7.1-2024-1347=1

## Package List:

* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
* wireshark-debugsource-3.6.22-150000.3.112.1
* libwiretap12-debuginfo-3.6.22-150000.3.112.1
* wireshark-ui-qt-3.6.22-150000.3.112.1
* wireshark-debuginfo-3.6.22-150000.3.112.1
* libwsutil13-3.6.22-150000.3.112.1
* wireshark-devel-3.6.22-150000.3.112.1
* libwireshark15-3.6.22-150000.3.112.1
* libwireshark15-debuginfo-3.6.22-150000.3.112.1
* wireshark-ui-qt-debuginfo-3.6.22-150000.3.112.1
* wireshark-3.6.22-150000.3.112.1
* libwsutil13-debuginfo-3.6.22-150000.3.112.1
* libwiretap12-3.6.22-150000.3.112.1
* Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64)
* wireshark-debugsource-3.6.22-150000.3.112.1
* libwiretap12-debuginfo-3.6.22-150000.3.112.1
* wireshark-debuginfo-3.6.22-150000.3.112.1
* libwsutil13-3.6.22-150000.3.112.1
* libwireshark15-3.6.22-150000.3.112.1
* libwireshark15-debuginfo-3.6.22-150000.3.112.1
* wireshark-3.6.22-150000.3.112.1
* libwsutil13-debuginfo-3.6.22-150000.3.112.1
* libwiretap12-3.6.22-150000.3.112.1
* Desktop Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64)
* wireshark-debugsource-3.6.22-150000.3.112.1
* wireshark-ui-qt-3.6.22-150000.3.112.1
* wireshark-debuginfo-3.6.22-150000.3.112.1
* wireshark-devel-3.6.22-150000.3.112.1
* wireshark-ui-qt-debuginfo-3.6.22-150000.3.112.1
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64
x86_64)
* wireshark-debugsource-3.6.22-150000.3.112.1
* libwiretap12-debuginfo-3.6.22-150000.3.112.1
* wireshark-ui-qt-3.6.22-150000.3.112.1
* wireshark-debuginfo-3.6.22-150000.3.112.1
* libwsutil13-3.6.22-150000.3.112.1
* wireshark-devel-3.6.22-150000.3.112.1
* libwireshark15-3.6.22-150000.3.112.1
* libwireshark15-debuginfo-3.6.22-150000.3.112.1
* wireshark-ui-qt-debuginfo-3.6.22-150000.3.112.1
* wireshark-3.6.22-150000.3.112.1
* libwsutil13-debuginfo-3.6.22-150000.3.112.1
* libwiretap12-3.6.22-150000.3.112.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
x86_64)
* wireshark-debugsource-3.6.22-150000.3.112.1
* libwiretap12-debuginfo-3.6.22-150000.3.112.1
* wireshark-ui-qt-3.6.22-150000.3.112.1
* wireshark-debuginfo-3.6.22-150000.3.112.1
* libwsutil13-3.6.22-150000.3.112.1
* wireshark-devel-3.6.22-150000.3.112.1
* libwireshark15-3.6.22-150000.3.112.1
* libwireshark15-debuginfo-3.6.22-150000.3.112.1
* wireshark-ui-qt-debuginfo-3.6.22-150000.3.112.1
* wireshark-3.6.22-150000.3.112.1
* libwsutil13-debuginfo-3.6.22-150000.3.112.1
* libwiretap12-3.6.22-150000.3.112.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
x86_64)
* wireshark-debugsource-3.6.22-150000.3.112.1
* libwiretap12-debuginfo-3.6.22-150000.3.112.1
* wireshark-ui-qt-3.6.22-150000.3.112.1
* wireshark-debuginfo-3.6.22-150000.3.112.1
* libwsutil13-3.6.22-150000.3.112.1
* wireshark-devel-3.6.22-150000.3.112.1
* libwireshark15-3.6.22-150000.3.112.1
* libwireshark15-debuginfo-3.6.22-150000.3.112.1
* wireshark-ui-qt-debuginfo-3.6.22-150000.3.112.1
* wireshark-3.6.22-150000.3.112.1
* libwsutil13-debuginfo-3.6.22-150000.3.112.1
* libwiretap12-3.6.22-150000.3.112.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
x86_64)
* wireshark-debugsource-3.6.22-150000.3.112.1
* libwiretap12-debuginfo-3.6.22-150000.3.112.1
* wireshark-ui-qt-3.6.22-150000.3.112.1
* wireshark-debuginfo-3.6.22-150000.3.112.1
* libwsutil13-3.6.22-150000.3.112.1
* wireshark-devel-3.6.22-150000.3.112.1
* libwireshark15-3.6.22-150000.3.112.1
* libwireshark15-debuginfo-3.6.22-150000.3.112.1
* wireshark-ui-qt-debuginfo-3.6.22-150000.3.112.1
* wireshark-3.6.22-150000.3.112.1
* libwsutil13-debuginfo-3.6.22-150000.3.112.1
* libwiretap12-3.6.22-150000.3.112.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64)
* wireshark-debugsource-3.6.22-150000.3.112.1
* libwiretap12-debuginfo-3.6.22-150000.3.112.1
* wireshark-ui-qt-3.6.22-150000.3.112.1
* wireshark-debuginfo-3.6.22-150000.3.112.1
* libwsutil13-3.6.22-150000.3.112.1
* wireshark-devel-3.6.22-150000.3.112.1
* libwireshark15-3.6.22-150000.3.112.1
* libwireshark15-debuginfo-3.6.22-150000.3.112.1
* wireshark-ui-qt-debuginfo-3.6.22-150000.3.112.1
* wireshark-3.6.22-150000.3.112.1
* libwsutil13-debuginfo-3.6.22-150000.3.112.1
* libwiretap12-3.6.22-150000.3.112.1
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x
x86_64)
* wireshark-debugsource-3.6.22-150000.3.112.1
* libwiretap12-debuginfo-3.6.22-150000.3.112.1
* wireshark-ui-qt-3.6.22-150000.3.112.1
* wireshark-debuginfo-3.6.22-150000.3.112.1
* libwsutil13-3.6.22-150000.3.112.1
* wireshark-devel-3.6.22-150000.3.112.1
* libwireshark15-3.6.22-150000.3.112.1
* libwireshark15-debuginfo-3.6.22-150000.3.112.1
* wireshark-ui-qt-debuginfo-3.6.22-150000.3.112.1
* wireshark-3.6.22-150000.3.112.1
* libwsutil13-debuginfo-3.6.22-150000.3.112.1
* libwiretap12-3.6.22-150000.3.112.1
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x
x86_64)
* wireshark-debugsource-3.6.22-150000.3.112.1
* libwiretap12-debuginfo-3.6.22-150000.3.112.1
* wireshark-ui-qt-3.6.22-150000.3.112.1
* wireshark-debuginfo-3.6.22-150000.3.112.1
* libwsutil13-3.6.22-150000.3.112.1
* wireshark-devel-3.6.22-150000.3.112.1
* libwireshark15-3.6.22-150000.3.112.1
* libwireshark15-debuginfo-3.6.22-150000.3.112.1
* wireshark-ui-qt-debuginfo-3.6.22-150000.3.112.1
* wireshark-3.6.22-150000.3.112.1
* libwsutil13-debuginfo-3.6.22-150000.3.112.1
* libwiretap12-3.6.22-150000.3.112.1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x
x86_64)
* wireshark-debugsource-3.6.22-150000.3.112.1
* libwiretap12-debuginfo-3.6.22-150000.3.112.1
* wireshark-ui-qt-3.6.22-150000.3.112.1
* wireshark-debuginfo-3.6.22-150000.3.112.1
* libwsutil13-3.6.22-150000.3.112.1
* wireshark-devel-3.6.22-150000.3.112.1
* libwireshark15-3.6.22-150000.3.112.1
* libwireshark15-debuginfo-3.6.22-150000.3.112.1
* wireshark-ui-qt-debuginfo-3.6.22-150000.3.112.1
* wireshark-3.6.22-150000.3.112.1
* libwsutil13-debuginfo-3.6.22-150000.3.112.1
* libwiretap12-3.6.22-150000.3.112.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64)
* wireshark-debugsource-3.6.22-150000.3.112.1
* libwiretap12-debuginfo-3.6.22-150000.3.112.1
* wireshark-ui-qt-3.6.22-150000.3.112.1
* wireshark-debuginfo-3.6.22-150000.3.112.1
* libwsutil13-3.6.22-150000.3.112.1
* wireshark-devel-3.6.22-150000.3.112.1
* libwireshark15-3.6.22-150000.3.112.1
* libwireshark15-debuginfo-3.6.22-150000.3.112.1
* wireshark-ui-qt-debuginfo-3.6.22-150000.3.112.1
* wireshark-3.6.22-150000.3.112.1
* libwsutil13-debuginfo-3.6.22-150000.3.112.1
* libwiretap12-3.6.22-150000.3.112.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
* wireshark-debugsource-3.6.22-150000.3.112.1
* libwiretap12-debuginfo-3.6.22-150000.3.112.1
* wireshark-ui-qt-3.6.22-150000.3.112.1
* wireshark-debuginfo-3.6.22-150000.3.112.1
* libwsutil13-3.6.22-150000.3.112.1
* wireshark-devel-3.6.22-150000.3.112.1
* libwireshark15-3.6.22-150000.3.112.1
* libwireshark15-debuginfo-3.6.22-150000.3.112.1
* wireshark-ui-qt-debuginfo-3.6.22-150000.3.112.1
* wireshark-3.6.22-150000.3.112.1
* libwsutil13-debuginfo-3.6.22-150000.3.112.1
* libwiretap12-3.6.22-150000.3.112.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
* wireshark-debugsource-3.6.22-150000.3.112.1
* libwiretap12-debuginfo-3.6.22-150000.3.112.1
* wireshark-ui-qt-3.6.22-150000.3.112.1
* wireshark-debuginfo-3.6.22-150000.3.112.1
* libwsutil13-3.6.22-150000.3.112.1
* wireshark-devel-3.6.22-150000.3.112.1
* libwireshark15-3.6.22-150000.3.112.1
* libwireshark15-debuginfo-3.6.22-150000.3.112.1
* wireshark-ui-qt-debuginfo-3.6.22-150000.3.112.1
* wireshark-3.6.22-150000.3.112.1
* libwsutil13-debuginfo-3.6.22-150000.3.112.1
* libwiretap12-3.6.22-150000.3.112.1
* SUSE Manager Proxy 4.3 (x86_64)
* wireshark-debugsource-3.6.22-150000.3.112.1
* libwiretap12-debuginfo-3.6.22-150000.3.112.1
* wireshark-debuginfo-3.6.22-150000.3.112.1
* libwsutil13-3.6.22-150000.3.112.1
* libwireshark15-3.6.22-150000.3.112.1
* libwireshark15-debuginfo-3.6.22-150000.3.112.1
* wireshark-3.6.22-150000.3.112.1
* libwsutil13-debuginfo-3.6.22-150000.3.112.1
* libwiretap12-3.6.22-150000.3.112.1
* SUSE Manager Retail Branch Server 4.3 (x86_64)
* wireshark-debugsource-3.6.22-150000.3.112.1
* libwiretap12-debuginfo-3.6.22-150000.3.112.1
* wireshark-debuginfo-3.6.22-150000.3.112.1
* libwsutil13-3.6.22-150000.3.112.1
* libwireshark15-3.6.22-150000.3.112.1
* libwireshark15-debuginfo-3.6.22-150000.3.112.1
* wireshark-3.6.22-150000.3.112.1
* libwsutil13-debuginfo-3.6.22-150000.3.112.1
* libwiretap12-3.6.22-150000.3.112.1
* SUSE Manager Server 4.3 (ppc64le s390x x86_64)
* wireshark-debugsource-3.6.22-150000.3.112.1
* libwiretap12-debuginfo-3.6.22-150000.3.112.1
* wireshark-debuginfo-3.6.22-150000.3.112.1
* libwsutil13-3.6.22-150000.3.112.1
* libwireshark15-3.6.22-150000.3.112.1
* libwireshark15-debuginfo-3.6.22-150000.3.112.1
* wireshark-3.6.22-150000.3.112.1
* libwsutil13-debuginfo-3.6.22-150000.3.112.1
* libwiretap12-3.6.22-150000.3.112.1
* SUSE Enterprise Storage 7.1 (aarch64 x86_64)
* wireshark-debugsource-3.6.22-150000.3.112.1
* libwiretap12-debuginfo-3.6.22-150000.3.112.1
* wireshark-ui-qt-3.6.22-150000.3.112.1
* wireshark-debuginfo-3.6.22-150000.3.112.1
* libwsutil13-3.6.22-150000.3.112.1
* wireshark-devel-3.6.22-150000.3.112.1
* libwireshark15-3.6.22-150000.3.112.1
* libwireshark15-debuginfo-3.6.22-150000.3.112.1
* wireshark-ui-qt-debuginfo-3.6.22-150000.3.112.1
* wireshark-3.6.22-150000.3.112.1
* libwsutil13-debuginfo-3.6.22-150000.3.112.1
* libwiretap12-3.6.22-150000.3.112.1

## References:

* https://www.suse.com/security/cve/CVE-2024-24476.html
* https://bugzilla.suse.com/show_bug.cgi?id=1220181



SUSE-SU-2024:1350-1: important: Security update for MozillaFirefox


# Security update for MozillaFirefox

Announcement ID: SUSE-SU-2024:1350-1
Rating: important
References:

* bsc#1222535

Cross-References:

* CVE-2024-2609
* CVE-2024-3302
* CVE-2024-3852
* CVE-2024-3854
* CVE-2024-3857
* CVE-2024-3859
* CVE-2024-3861
* CVE-2024-3863
* CVE-2024-3864

CVSS scores:

* CVE-2024-2609 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

Affected Products:

* Desktop Applications Module 15-SP5
* openSUSE Leap 15.5
* SUSE Enterprise Storage 7.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise High Performance Computing 15 SP2
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP2
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP2
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5

An update that solves nine vulnerabilities can now be installed.

## Description:

This update for MozillaFirefox fixes the following issues:

Update to Firefox Extended Support Release 115.10.0 ESR (MSFA 2024-19)
(bsc#1222535):

* CVE-2024-3852: GetBoundName in the JIT returned the wrong object
* CVE-2024-3854: Out-of-bounds-read after mis-optimized switch statement
* CVE-2024-3857: Incorrect JITting of arguments led to use-after-free during
garbage collection
* CVE-2024-2609: Permission prompt input delay could expire when not in focus
* CVE-2024-3859: Integer-overflow led to out-of-bounds-read in the OpenType
sanitizer
* CVE-2024-3861: Potential use-after-free due to AlignedBuffer self-move
* CVE-2024-3863: Download Protections were bypassed by .xrm-ms files on
Windows
* CVE-2024-3302: Denial of Service using HTTP/2 CONTINUATION frames
* CVE-2024-3864: Memory safety bug fixed in Firefox 125, Firefox ESR 115.10,
and Thunderbird 115.10

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-1350=1

* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-1350=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP2
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-1350=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP3
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-1350=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP4
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-1350=1

* SUSE Enterprise Storage 7.1
zypper in -t patch SUSE-Storage-7.1-2024-1350=1

* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2024-1350=1

* Desktop Applications Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP5-2024-1350=1

* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-1350=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-1350=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-1350=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-1350=1

* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-1350=1

* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-1350=1

## Package List:

* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x
x86_64)
* MozillaFirefox-115.10.0-150200.152.134.1
* MozillaFirefox-translations-other-115.10.0-150200.152.134.1
* MozillaFirefox-translations-common-115.10.0-150200.152.134.1
* MozillaFirefox-debuginfo-115.10.0-150200.152.134.1
* MozillaFirefox-debugsource-115.10.0-150200.152.134.1
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch)
* MozillaFirefox-devel-115.10.0-150200.152.134.1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x
x86_64)
* MozillaFirefox-115.10.0-150200.152.134.1
* MozillaFirefox-translations-other-115.10.0-150200.152.134.1
* MozillaFirefox-translations-common-115.10.0-150200.152.134.1
* MozillaFirefox-debuginfo-115.10.0-150200.152.134.1
* MozillaFirefox-debugsource-115.10.0-150200.152.134.1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch)
* MozillaFirefox-devel-115.10.0-150200.152.134.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64)
* MozillaFirefox-115.10.0-150200.152.134.1
* MozillaFirefox-translations-other-115.10.0-150200.152.134.1
* MozillaFirefox-translations-common-115.10.0-150200.152.134.1
* MozillaFirefox-debuginfo-115.10.0-150200.152.134.1
* MozillaFirefox-debugsource-115.10.0-150200.152.134.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP2 (noarch)
* MozillaFirefox-devel-115.10.0-150200.152.134.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
* MozillaFirefox-115.10.0-150200.152.134.1
* MozillaFirefox-translations-other-115.10.0-150200.152.134.1
* MozillaFirefox-translations-common-115.10.0-150200.152.134.1
* MozillaFirefox-debuginfo-115.10.0-150200.152.134.1
* MozillaFirefox-debugsource-115.10.0-150200.152.134.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch)
* MozillaFirefox-devel-115.10.0-150200.152.134.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
* MozillaFirefox-115.10.0-150200.152.134.1
* MozillaFirefox-translations-other-115.10.0-150200.152.134.1
* MozillaFirefox-translations-common-115.10.0-150200.152.134.1
* MozillaFirefox-debuginfo-115.10.0-150200.152.134.1
* MozillaFirefox-debugsource-115.10.0-150200.152.134.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch)
* MozillaFirefox-devel-115.10.0-150200.152.134.1
* SUSE Enterprise Storage 7.1 (aarch64 x86_64)
* MozillaFirefox-115.10.0-150200.152.134.1
* MozillaFirefox-translations-other-115.10.0-150200.152.134.1
* MozillaFirefox-translations-common-115.10.0-150200.152.134.1
* MozillaFirefox-debuginfo-115.10.0-150200.152.134.1
* MozillaFirefox-debugsource-115.10.0-150200.152.134.1
* SUSE Enterprise Storage 7.1 (noarch)
* MozillaFirefox-devel-115.10.0-150200.152.134.1
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
* MozillaFirefox-115.10.0-150200.152.134.1
* MozillaFirefox-translations-other-115.10.0-150200.152.134.1
* MozillaFirefox-translations-common-115.10.0-150200.152.134.1
* MozillaFirefox-debuginfo-115.10.0-150200.152.134.1
* MozillaFirefox-branding-upstream-115.10.0-150200.152.134.1
* MozillaFirefox-debugsource-115.10.0-150200.152.134.1
* openSUSE Leap 15.5 (noarch)
* MozillaFirefox-devel-115.10.0-150200.152.134.1
* Desktop Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64)
* MozillaFirefox-115.10.0-150200.152.134.1
* MozillaFirefox-translations-other-115.10.0-150200.152.134.1
* MozillaFirefox-translations-common-115.10.0-150200.152.134.1
* MozillaFirefox-debuginfo-115.10.0-150200.152.134.1
* MozillaFirefox-debugsource-115.10.0-150200.152.134.1
* Desktop Applications Module 15-SP5 (noarch)
* MozillaFirefox-devel-115.10.0-150200.152.134.1
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64
x86_64)
* MozillaFirefox-115.10.0-150200.152.134.1
* MozillaFirefox-translations-other-115.10.0-150200.152.134.1
* MozillaFirefox-translations-common-115.10.0-150200.152.134.1
* MozillaFirefox-debuginfo-115.10.0-150200.152.134.1
* MozillaFirefox-debugsource-115.10.0-150200.152.134.1
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (noarch)
* MozillaFirefox-devel-115.10.0-150200.152.134.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
x86_64)
* MozillaFirefox-115.10.0-150200.152.134.1
* MozillaFirefox-translations-other-115.10.0-150200.152.134.1
* MozillaFirefox-translations-common-115.10.0-150200.152.134.1
* MozillaFirefox-debuginfo-115.10.0-150200.152.134.1
* MozillaFirefox-debugsource-115.10.0-150200.152.134.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch)
* MozillaFirefox-devel-115.10.0-150200.152.134.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
x86_64)
* MozillaFirefox-115.10.0-150200.152.134.1
* MozillaFirefox-translations-other-115.10.0-150200.152.134.1
* MozillaFirefox-translations-common-115.10.0-150200.152.134.1
* MozillaFirefox-debuginfo-115.10.0-150200.152.134.1
* MozillaFirefox-debugsource-115.10.0-150200.152.134.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
* MozillaFirefox-devel-115.10.0-150200.152.134.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
x86_64)
* MozillaFirefox-115.10.0-150200.152.134.1
* MozillaFirefox-translations-other-115.10.0-150200.152.134.1
* MozillaFirefox-translations-common-115.10.0-150200.152.134.1
* MozillaFirefox-debuginfo-115.10.0-150200.152.134.1
* MozillaFirefox-debugsource-115.10.0-150200.152.134.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
* MozillaFirefox-devel-115.10.0-150200.152.134.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64)
* MozillaFirefox-115.10.0-150200.152.134.1
* MozillaFirefox-translations-other-115.10.0-150200.152.134.1
* MozillaFirefox-translations-common-115.10.0-150200.152.134.1
* MozillaFirefox-debuginfo-115.10.0-150200.152.134.1
* MozillaFirefox-debugsource-115.10.0-150200.152.134.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (noarch)
* MozillaFirefox-devel-115.10.0-150200.152.134.1
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x
x86_64)
* MozillaFirefox-115.10.0-150200.152.134.1
* MozillaFirefox-translations-other-115.10.0-150200.152.134.1
* MozillaFirefox-translations-common-115.10.0-150200.152.134.1
* MozillaFirefox-debuginfo-115.10.0-150200.152.134.1
* MozillaFirefox-debugsource-115.10.0-150200.152.134.1
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (noarch)
* MozillaFirefox-devel-115.10.0-150200.152.134.1

## References:

* https://www.suse.com/security/cve/CVE-2024-2609.html
* https://www.suse.com/security/cve/CVE-2024-3302.html
* https://www.suse.com/security/cve/CVE-2024-3852.html
* https://www.suse.com/security/cve/CVE-2024-3854.html
* https://www.suse.com/security/cve/CVE-2024-3857.html
* https://www.suse.com/security/cve/CVE-2024-3859.html
* https://www.suse.com/security/cve/CVE-2024-3861.html
* https://www.suse.com/security/cve/CVE-2024-3863.html
* https://www.suse.com/security/cve/CVE-2024-3864.html
* https://bugzilla.suse.com/show_bug.cgi?id=1222535



SUSE-SU-2024:1351-1: low: Security update for graphviz


# Security update for graphviz

Announcement ID: SUSE-SU-2024:1351-1
Rating: low
References:

* bsc#1219491

Cross-References:

* CVE-2023-46045

CVSS scores:

* CVE-2023-46045 ( SUSE ): 3.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:L
* CVE-2023-46045 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected Products:

* Basesystem Module 15-SP5
* Development Tools Module 15-SP5
* openSUSE Leap 15.4
* openSUSE Leap 15.5
* Server Applications Module 15-SP5
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise High Availability Extension 15 SP4
* SUSE Linux Enterprise High Availability Extension 15 SP5
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3
* SUSE Package Hub 15 15-SP5

An update that solves one vulnerability can now be installed.

## Description:

This update for graphviz fixes the following issues:

* CVE-2023-46045: Fixed out-of-bounds read via a crafted config6a file
(bsc#1219491)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
zypper in -t patch SUSE-2024-1351=1

* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2024-1351=1

* Basesystem Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-1351=1

* Development Tools Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2024-1351=1

* SUSE Package Hub 15 15-SP5
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-1351=1

* Server Applications Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP5-2024-1351=1

* SUSE Linux Enterprise High Availability Extension 15 SP4
zypper in -t patch SUSE-SLE-Product-HA-15-SP4-2024-1351=1

* SUSE Linux Enterprise High Availability Extension 15 SP5
zypper in -t patch SUSE-SLE-Product-HA-15-SP5-2024-1351=1

## Package List:

* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
* python3-gv-2.48.0-150400.3.3.1
* graphviz-lua-2.48.0-150400.3.3.1
* graphviz-addons-debuginfo-2.48.0-150400.3.3.1
* graphviz-gd-debuginfo-2.48.0-150400.3.3.1
* graphviz-tcl-2.48.0-150400.3.3.1
* graphviz-php-debuginfo-2.48.0-150400.3.3.1
* graphviz-lua-debuginfo-2.48.0-150400.3.3.1
* libgraphviz6-2.48.0-150400.3.3.1
* graphviz-guile-2.48.0-150400.3.3.1
* graphviz-webp-debuginfo-2.48.0-150400.3.3.1
* graphviz-gnome-2.48.0-150400.3.3.1
* graphviz-tcl-debuginfo-2.48.0-150400.3.3.1
* graphviz-guile-debuginfo-2.48.0-150400.3.3.1
* graphviz-webp-2.48.0-150400.3.3.1
* graphviz-java-debuginfo-2.48.0-150400.3.3.1
* graphviz-perl-debuginfo-2.48.0-150400.3.3.1
* graphviz-gvedit-2.48.0-150400.3.3.1
* graphviz-java-2.48.0-150400.3.3.1
* graphviz-devel-2.48.0-150400.3.3.1
* graphviz-doc-2.48.0-150400.3.3.1
* graphviz-plugins-core-2.48.0-150400.3.3.1
* graphviz-x11-2.48.0-150400.3.3.1
* graphviz-debugsource-2.48.0-150400.3.3.1
* graphviz-gd-2.48.0-150400.3.3.1
* graphviz-2.48.0-150400.3.3.1
* graphviz-ruby-2.48.0-150400.3.3.1
* graphviz-smyrna-2.48.0-150400.3.3.1
* libgraphviz6-debuginfo-2.48.0-150400.3.3.1
* graphviz-debuginfo-2.48.0-150400.3.3.1
* graphviz-plugins-core-debuginfo-2.48.0-150400.3.3.1
* graphviz-php-2.48.0-150400.3.3.1
* graphviz-addons-debugsource-2.48.0-150400.3.3.1
* graphviz-gvedit-debuginfo-2.48.0-150400.3.3.1
* graphviz-gnome-debuginfo-2.48.0-150400.3.3.1
* python3-gv-debuginfo-2.48.0-150400.3.3.1
* graphviz-x11-debuginfo-2.48.0-150400.3.3.1
* graphviz-smyrna-debuginfo-2.48.0-150400.3.3.1
* graphviz-perl-2.48.0-150400.3.3.1
* graphviz-ruby-debuginfo-2.48.0-150400.3.3.1
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
* python3-gv-2.48.0-150400.3.3.1
* graphviz-lua-2.48.0-150400.3.3.1
* graphviz-addons-debuginfo-2.48.0-150400.3.3.1
* graphviz-gd-debuginfo-2.48.0-150400.3.3.1
* graphviz-tcl-2.48.0-150400.3.3.1
* graphviz-php-debuginfo-2.48.0-150400.3.3.1
* graphviz-lua-debuginfo-2.48.0-150400.3.3.1
* libgraphviz6-2.48.0-150400.3.3.1
* graphviz-guile-2.48.0-150400.3.3.1
* graphviz-webp-debuginfo-2.48.0-150400.3.3.1
* graphviz-gnome-2.48.0-150400.3.3.1
* graphviz-tcl-debuginfo-2.48.0-150400.3.3.1
* graphviz-guile-debuginfo-2.48.0-150400.3.3.1
* graphviz-webp-2.48.0-150400.3.3.1
* graphviz-java-debuginfo-2.48.0-150400.3.3.1
* graphviz-perl-debuginfo-2.48.0-150400.3.3.1
* graphviz-gvedit-2.48.0-150400.3.3.1
* graphviz-java-2.48.0-150400.3.3.1
* graphviz-devel-2.48.0-150400.3.3.1
* graphviz-doc-2.48.0-150400.3.3.1
* graphviz-plugins-core-2.48.0-150400.3.3.1
* graphviz-x11-2.48.0-150400.3.3.1
* graphviz-debugsource-2.48.0-150400.3.3.1
* graphviz-gd-2.48.0-150400.3.3.1
* graphviz-2.48.0-150400.3.3.1
* graphviz-ruby-2.48.0-150400.3.3.1
* graphviz-smyrna-2.48.0-150400.3.3.1
* libgraphviz6-debuginfo-2.48.0-150400.3.3.1
* graphviz-debuginfo-2.48.0-150400.3.3.1
* graphviz-plugins-core-debuginfo-2.48.0-150400.3.3.1
* graphviz-php-2.48.0-150400.3.3.1
* graphviz-addons-debugsource-2.48.0-150400.3.3.1
* graphviz-gvedit-debuginfo-2.48.0-150400.3.3.1
* graphviz-gnome-debuginfo-2.48.0-150400.3.3.1
* python3-gv-debuginfo-2.48.0-150400.3.3.1
* graphviz-x11-debuginfo-2.48.0-150400.3.3.1
* graphviz-smyrna-debuginfo-2.48.0-150400.3.3.1
* graphviz-perl-2.48.0-150400.3.3.1
* graphviz-ruby-debuginfo-2.48.0-150400.3.3.1
* Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64)
* libgraphviz6-debuginfo-2.48.0-150400.3.3.1
* graphviz-devel-2.48.0-150400.3.3.1
* graphviz-plugins-core-2.48.0-150400.3.3.1
* graphviz-debugsource-2.48.0-150400.3.3.1
* graphviz-debuginfo-2.48.0-150400.3.3.1
* graphviz-plugins-core-debuginfo-2.48.0-150400.3.3.1
* graphviz-2.48.0-150400.3.3.1
* libgraphviz6-2.48.0-150400.3.3.1
* Development Tools Module 15-SP5 (aarch64 ppc64le s390x x86_64)
* graphviz-perl-2.48.0-150400.3.3.1
* graphviz-addons-debuginfo-2.48.0-150400.3.3.1
* graphviz-perl-debuginfo-2.48.0-150400.3.3.1
* graphviz-addons-debugsource-2.48.0-150400.3.3.1
* SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x x86_64)
* graphviz-gnome-debuginfo-2.48.0-150400.3.3.1
* graphviz-addons-debuginfo-2.48.0-150400.3.3.1
* graphviz-gnome-2.48.0-150400.3.3.1
* graphviz-addons-debugsource-2.48.0-150400.3.3.1
* Server Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64)
* graphviz-addons-debuginfo-2.48.0-150400.3.3.1
* graphviz-tcl-debuginfo-2.48.0-150400.3.3.1
* graphviz-addons-debugsource-2.48.0-150400.3.3.1
* graphviz-tcl-2.48.0-150400.3.3.1
* SUSE Linux Enterprise High Availability Extension 15 SP4 (aarch64 ppc64le
s390x x86_64)
* python3-gv-2.48.0-150400.3.3.1
* graphviz-addons-debuginfo-2.48.0-150400.3.3.1
* graphviz-gd-debuginfo-2.48.0-150400.3.3.1
* python3-gv-debuginfo-2.48.0-150400.3.3.1
* graphviz-gd-2.48.0-150400.3.3.1
* graphviz-addons-debugsource-2.48.0-150400.3.3.1
* SUSE Linux Enterprise High Availability Extension 15 SP5 (aarch64 ppc64le
s390x x86_64)
* python3-gv-2.48.0-150400.3.3.1
* graphviz-addons-debuginfo-2.48.0-150400.3.3.1
* graphviz-gd-debuginfo-2.48.0-150400.3.3.1
* python3-gv-debuginfo-2.48.0-150400.3.3.1
* graphviz-gd-2.48.0-150400.3.3.1
* graphviz-addons-debugsource-2.48.0-150400.3.3.1

## References:

* https://www.suse.com/security/cve/CVE-2023-46045.html
* https://bugzilla.suse.com/show_bug.cgi?id=1219491



SUSE-SU-2024:1340-1: important: Security update for pgadmin4


# Security update for pgadmin4

Announcement ID: SUSE-SU-2024:1340-1
Rating: important
References:

* bsc#1221172

Cross-References:

* CVE-2024-2044

CVSS scores:

* CVE-2024-2044 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* openSUSE Leap 15.3
* openSUSE Leap 15.5
* Server Applications Module 15-SP5
* SUSE Enterprise Storage 7.1
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3

An update that solves one vulnerability can now be installed.

## Description:

This update for pgadmin4 fixes the following issues:

* CVE-2024-2044: Fixed unsafe deserialization and Remote Code Execution by an
authenticated user (bsc#1221172)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.3
zypper in -t patch SUSE-2024-1340=1

* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2024-1340=1

* Server Applications Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP5-2024-1340=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-1340=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-1340=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-1340=1

* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-1340=1

* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-1340=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP3
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-1340=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP4
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-1340=1

* SUSE Manager Proxy 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-1340=1

* SUSE Manager Retail Branch Server 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-2024-1340=1

* SUSE Manager Server 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-1340=1

* SUSE Enterprise Storage 7.1
zypper in -t patch SUSE-Storage-7.1-2024-1340=1

## Package List:

* openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586)
* pgadmin4-debuginfo-4.30-150300.3.12.1
* pgadmin4-4.30-150300.3.12.1
* openSUSE Leap 15.3 (noarch)
* pgadmin4-web-4.30-150300.3.12.1
* pgadmin4-doc-4.30-150300.3.12.1
* pgadmin4-web-uwsgi-4.30-150300.3.12.1
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
* pgadmin4-debuginfo-4.30-150300.3.12.1
* pgadmin4-4.30-150300.3.12.1
* openSUSE Leap 15.5 (noarch)
* pgadmin4-web-4.30-150300.3.12.1
* pgadmin4-doc-4.30-150300.3.12.1
* pgadmin4-web-uwsgi-4.30-150300.3.12.1
* Server Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64)
* pgadmin4-debuginfo-4.30-150300.3.12.1
* pgadmin4-4.30-150300.3.12.1
* Server Applications Module 15-SP5 (noarch)
* pgadmin4-web-4.30-150300.3.12.1
* pgadmin4-doc-4.30-150300.3.12.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
x86_64)
* pgadmin4-debuginfo-4.30-150300.3.12.1
* pgadmin4-4.30-150300.3.12.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch)
* pgadmin4-web-4.30-150300.3.12.1
* pgadmin4-doc-4.30-150300.3.12.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
x86_64)
* pgadmin4-debuginfo-4.30-150300.3.12.1
* pgadmin4-4.30-150300.3.12.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
* pgadmin4-web-4.30-150300.3.12.1
* pgadmin4-doc-4.30-150300.3.12.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
x86_64)
* pgadmin4-debuginfo-4.30-150300.3.12.1
* pgadmin4-4.30-150300.3.12.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
* pgadmin4-web-4.30-150300.3.12.1
* pgadmin4-doc-4.30-150300.3.12.1
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x
x86_64)
* pgadmin4-debuginfo-4.30-150300.3.12.1
* pgadmin4-4.30-150300.3.12.1
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch)
* pgadmin4-web-4.30-150300.3.12.1
* pgadmin4-doc-4.30-150300.3.12.1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x
x86_64)
* pgadmin4-debuginfo-4.30-150300.3.12.1
* pgadmin4-4.30-150300.3.12.1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch)
* pgadmin4-web-4.30-150300.3.12.1
* pgadmin4-doc-4.30-150300.3.12.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
* pgadmin4-debuginfo-4.30-150300.3.12.1
* pgadmin4-4.30-150300.3.12.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch)
* pgadmin4-web-4.30-150300.3.12.1
* pgadmin4-doc-4.30-150300.3.12.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
* pgadmin4-debuginfo-4.30-150300.3.12.1
* pgadmin4-4.30-150300.3.12.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch)
* pgadmin4-web-4.30-150300.3.12.1
* pgadmin4-doc-4.30-150300.3.12.1
* SUSE Manager Proxy 4.3 (x86_64)
* pgadmin4-debuginfo-4.30-150300.3.12.1
* pgadmin4-4.30-150300.3.12.1
* SUSE Manager Proxy 4.3 (noarch)
* pgadmin4-web-4.30-150300.3.12.1
* pgadmin4-doc-4.30-150300.3.12.1
* SUSE Manager Retail Branch Server 4.3 (x86_64)
* pgadmin4-debuginfo-4.30-150300.3.12.1
* pgadmin4-4.30-150300.3.12.1
* SUSE Manager Retail Branch Server 4.3 (noarch)
* pgadmin4-web-4.30-150300.3.12.1
* pgadmin4-doc-4.30-150300.3.12.1
* SUSE Manager Server 4.3 (ppc64le s390x x86_64)
* pgadmin4-debuginfo-4.30-150300.3.12.1
* pgadmin4-4.30-150300.3.12.1
* SUSE Manager Server 4.3 (noarch)
* pgadmin4-web-4.30-150300.3.12.1
* pgadmin4-doc-4.30-150300.3.12.1
* SUSE Enterprise Storage 7.1 (aarch64 x86_64)
* pgadmin4-debuginfo-4.30-150300.3.12.1
* pgadmin4-4.30-150300.3.12.1
* SUSE Enterprise Storage 7.1 (noarch)
* pgadmin4-web-4.30-150300.3.12.1
* pgadmin4-doc-4.30-150300.3.12.1

## References:

* https://www.suse.com/security/cve/CVE-2024-2044.html
* https://bugzilla.suse.com/show_bug.cgi?id=1221172



SUSE-SU-2024:1345-1: important: Security update for tomcat


# Security update for tomcat

Announcement ID: SUSE-SU-2024:1345-1
Rating: important
References:

* bsc#1221385
* bsc#1221386

Cross-References:

* CVE-2024-23672
* CVE-2024-24549

CVSS scores:

* CVE-2024-23672 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-24549 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* Development Tools Module 15-SP5
* openSUSE Leap 15.5
* SUSE Enterprise Storage 7.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise High Performance Computing 15 SP2
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP2
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP2
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Manager Server 4.3
* SUSE Manager Server 4.3 Module 4.3
* SUSE Package Hub 15 15-SP5
* Web and Scripting Module 15-SP5

An update that solves two vulnerabilities can now be installed.

## Description:

This update for tomcat fixes the following issues:

* CVE-2024-24549: Fixed denial of service during header validation for HTTP/2
stream (bsc#1221386)
* CVE-2024-23672: Fixed denial of service due to malicious WebSocket client
keeping connection open (bsc#1221385)

Other fixes: \- Update to Tomcat 9.0.87
* Catalina \+ Fix: Minor performance improvement for building filter chains.
Based on ideas from #702 by Luke Miao. (remm) \+ Fix: Align error handling for
Writer and OutputStream. Ensure use of either once the response has been
recycled triggers a NullPointerException provided that discardFacades is
configured with the default value of true. (markt) \+ Fix: 68692: The standard
thread pool implementations that are configured using the Executor element now
implement ExecutorService for better support NIO2. (remm) \+ Fix: 68495: When
restoring a saved POST request after a successful FORM authentication, ensure
that neither the URI, the query string nor the protocol are corrupted when
restoring the request body. (markt) \+ Fix: 68721: Workaround a possible cause
of duplicate class definitions when using ClassFileTransformers and the
transformation of a class also triggers the loading of the same class. (markt)
\+ Fix: The rewrite valve should not do a rewrite if the output is identical to
the input. (remm) \+ Update: Add a new valveSkip (or VS) rule flag to the
rewrite valve to allow skipping over the next valve in the Catalina pipeline.
(remm) \+ Fix: Correct JPMS and OSGi meta-data for tomcat-enbed-core.jar by
removing reference to org.apache.catalina.ssi package that is no longer included
in the JAR. Based on pull request #684 by Jendrik Johannes. (markt) \+ Fix: Fix
ServiceBindingPropertySource so that trailing \r\n sequences are correctly
removed from files containing property values when configured to do so. Bug
identified by Coverity Scan. (markt) \+ Add: Add improvements to the CSRF
prevention filter including the ability to skip adding nonces for resource name
and subtree URL patterns. (schultz) \+ Fix: Review usage of debug logging and
downgrade trace or data dumping operations from debug level to trace. (remm) \+
Fix: 68089: Further improve the performance of request attribute access for
ApplicationHttpRequest and ApplicationRequest. (markt) \+ Fix: 68559: Allow
asynchronous error handling to write to the response after an error during
asynchronous processing. (markt) * Coyote \+ Fix: Improve the HTTP/2 stream
prioritisation process. If a stream uses all of the connection windows and still
has content to write, it will now be added to the backlog immediately rather
than waiting until the write attempt for the remaining content. (markt) \+ Fix:
Make asynchronous error handling more robust. Ensure that once a connection is
marked to be closed, further asynchronous processing cannot change that. (markt)
\+ Fix: Make asynchronous error handling more robust. Ensure that once the call
to AsyncListener.onError() has returned to the container, only container threads
can access the AsyncContext. This protects against various race conditions that
woudl otherwise occur if application threads continued to access the
AsyncContext. \+ Fix: Review usage of debug logging and downgrade trace or data
dumping operations from debug level to trace. In particular, most of the HTTP/2
debug logging has been changed to trace level. (remm) \+ Fix: Add support for
user provided SSLContext instances configured on SSLHostConfigCertificate
instances. Based on pull request #673 provided by Hakan Altındağ. (markt) \+
Fix: Improve the Tomcat Native shutdown process to reduce the likelihood of a
JVM crash during Tomcat shutdown. (markt) \+ Fix: Partial fix for 68558: Cache
the result of converting to String for request URI, HTTP header names and the
request Content-Type value to improve performance by reducing repeated byte[] to
String conversions. (markt) \+ Fix: Improve error reporting to HTTP/2 clients
for header processing errors by reporting problems at the end of the frame where
the error was detected rather than at the end of the headers. (markt) \+ Fix:
Remove the remaining reference to a stream once the stream has been recycled.
This makes the stream eligible for garbage collection earlier and thereby
improves scalability. (markt) * Jasper \+ Add: Add support for specifying Java
22 (with the value 22) as the compiler source and/or compiler target for JSP
compilation. If used with an Eclipse JDT compiler version that does not support
these values, a warning will be logged and the default will used. (markt) \+
Fix: 68546: Generate optimal size and types for JSP imports maps, as suggested
by John Engebretson. (remm) \+ Fix: Review usage of debug logging and downgrade
trace or data dumping operations from debug level to trace. (remm) * Cluster \+
Fix: Avoid updating request count stats on async. (remm) * WebSocket \+ Fix:
Correct a regression in the fix for 66508 that could cause an UpgradeProcessor
leak in some circumstances. (markt) \+ Fix: Review usage of debug logging and
downgrade trace or data dumping operations from debug level to trace. (remm) \+
Fix: Ensure that WebSocket connection closure completes if the connection is
closed when the server side has used the proprietary suspend/resume feature to
suspend the connection. (markt) * Web applications \+ Add: Add support for
responses in JSON format from the examples application RequestHeaderExample.
(schultz) * Other \+ Add: Improvements to French translations. (remm) \+ Add:
Improvements to Japanese translations by tak7iji. (markt) \+ Update: Update
Checkstyle to 10.13.0. (markt) \+ Update: Update JSign to 6.0. (markt) \+
Update: Add strings for debug level messages. (remm) \+ Update: Update Tomcat
Native to 1.3.0. (markt) \+ Add: Improvements to French translations. (remm) \+
Add: Improvements to Japanese translations by tak7iji. (markt)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2024-1345=1

* Development Tools Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2024-1345=1

* SUSE Package Hub 15 15-SP5
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-1345=1

* SUSE Manager Server 4.3 Module 4.3
zypper in -t patch SUSE-SLE-Module-SUSE-Manager-Server-4.3-2024-1345=1

* Web and Scripting Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Web-Scripting-15-SP5-2024-1345=1

* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-1345=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-1345=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-1345=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-1345=1

* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-1345=1

* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-1345=1

* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-1345=1

* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-1345=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP2
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-1345=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP3
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-1345=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP4
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-1345=1

* SUSE Manager Server 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-1345=1

* SUSE Enterprise Storage 7.1
zypper in -t patch SUSE-Storage-7.1-2024-1345=1

## Package List:

* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
* apache-commons-daemon-1.3.4-150200.11.14.1
* apache-commons-daemon-jsvc-debuginfo-1.3.4-150200.11.14.1
* apache-commons-daemon-jsvc-1.3.4-150200.11.14.1
* apache-commons-daemon-debugsource-1.3.4-150200.11.14.1
* openSUSE Leap 15.5 (noarch)
* tomcat-jsp-2_3-api-9.0.87-150200.65.1
* geronimo-servlet-2_5-api-1.2-150200.15.8.1
* geronimo-j2ee-1_4-apis-1.2-150200.15.8.1
* geronimo-ws-metadata-2_0-api-1.2-150200.15.8.1
* jakarta-taglibs-standard-1.1.1-150000.4.10.1
* geronimo-j2ee-management-1_1-api-1.2-150200.15.8.1
* geronimo-javamail-1_3_1-api-1.2-150200.15.8.1
* geronimo-jsp-2_1-api-1.2-150200.15.8.1
* tomcat-servlet-4_0-api-9.0.87-150200.65.1
* geronimo-jaxr-1_0-api-1.2-150200.15.8.1
* geronimo-jaxrpc-1_1-api-1.2-150200.15.8.1
* tomcat-admin-webapps-9.0.87-150200.65.1
* geronimo-corba-1_0-apis-1.2-150200.15.8.1
* geronimo-jta-1_1-api-1.2-150200.15.8.1
* tomcat-docs-webapp-9.0.87-150200.65.1
* tomcat-el-3_0-api-9.0.87-150200.65.1
* geronimo-jacc-1_0-api-1.2-150200.15.8.1
* apache-commons-dbcp-2.1.1-150200.10.8.1
* geronimo-j2ee-management-1_0-api-1.2-150200.15.8.1
* apache-commons-pool2-2.4.2-150200.11.8.1
* geronimo-annotation-1_0-api-1.2-150200.15.8.1
* geronimo-j2ee-deployment-1_1-api-1.2-150200.15.8.1
* geronimo-saaj-1_1-api-1.2-150200.15.8.1
* geronimo-javaee-deployment-1_1-api-1.2-150200.15.8.1
* tomcat-webapps-9.0.87-150200.65.1
* geronimo-interceptor-3_0-api-1.2-150200.15.8.1
* geronimo-jsp-2_0-api-1.2-150200.15.8.1
* apache-commons-dbcp-javadoc-2.1.1-150200.10.8.1
* geronimo-commonj-1_1-apis-1.2-150200.15.8.1
* geronimo-stax-1_0-api-1.2-150200.15.8.1
* tomcat-9.0.87-150200.65.1
* geronimo-jta-1_0_1B-api-1.2-150200.15.8.1
* geronimo-ejb-3_0-api-1.2-150200.15.8.1
* geronimo-el-1_0-api-1.2-150200.15.8.1
* geronimo-j2ee-connector-1_5-api-1.2-150200.15.8.1
* tomcat-lib-9.0.87-150200.65.1
* apache-commons-daemon-javadoc-1.3.4-150200.11.14.1
* geronimo-corba-2_3-apis-1.2-150200.15.8.1
* tomcat-javadoc-9.0.87-150200.65.1
* geronimo-servlet-2_4-api-1.2-150200.15.8.1
* geronimo-javamail-1_4-api-1.2-150200.15.8.1
* geronimo-jaf-1_0_2-api-1.2-150200.15.8.1
* geronimo-jms-1_1-api-1.2-150200.15.8.1
* apache-commons-pool2-javadoc-2.4.2-150200.11.8.1
* geronimo-jaf-1_1-api-1.2-150200.15.8.1
* geronimo-ejb-2_1-api-1.2-150200.15.8.1
* tomcat-embed-9.0.87-150200.65.1
* geronimo-jacc-1_1-api-1.2-150200.15.8.1
* jakarta-taglibs-standard-javadoc-1.1.1-150000.4.10.1
* tomcat-jsvc-9.0.87-150200.65.1
* geronimo-qname-1_1-api-1.2-150200.15.8.1
* geronimo-jpa-3_0-api-1.2-150200.15.8.1
* Development Tools Module 15-SP5 (noarch)
* geronimo-annotation-1_0-api-1.2-150200.15.8.1
* geronimo-jms-1_1-api-1.2-150200.15.8.1
* geronimo-stax-1_0-api-1.2-150200.15.8.1
* SUSE Package Hub 15 15-SP5 (noarch)
* geronimo-j2ee-connector-1_5-api-1.2-150200.15.8.1
* geronimo-j2ee-1_4-apis-1.2-150200.15.8.1
* geronimo-servlet-2_4-api-1.2-150200.15.8.1
* geronimo-javamail-1_4-api-1.2-150200.15.8.1
* geronimo-jsp-2_0-api-1.2-150200.15.8.1
* geronimo-jms-1_1-api-1.2-150200.15.8.1
* geronimo-stax-1_0-api-1.2-150200.15.8.1
* geronimo-jaf-1_1-api-1.2-150200.15.8.1
* SUSE Manager Server 4.3 Module 4.3 (noarch)
* geronimo-annotation-1_0-api-1.2-150200.15.8.1
* geronimo-stax-1_0-api-1.2-150200.15.8.1
* Web and Scripting Module 15-SP5 (aarch64 ppc64le s390x x86_64)
* apache-commons-daemon-1.3.4-150200.11.14.1
* apache-commons-daemon-debugsource-1.3.4-150200.11.14.1
* Web and Scripting Module 15-SP5 (noarch)
* apache-commons-pool2-2.4.2-150200.11.8.1
* tomcat-jsp-2_3-api-9.0.87-150200.65.1
* tomcat-lib-9.0.87-150200.65.1
* jakarta-taglibs-standard-1.1.1-150000.4.10.1
* tomcat-servlet-4_0-api-9.0.87-150200.65.1
* tomcat-webapps-9.0.87-150200.65.1
* tomcat-admin-webapps-9.0.87-150200.65.1
* geronimo-jta-1_1-api-1.2-150200.15.8.1
* tomcat-el-3_0-api-9.0.87-150200.65.1
* apache-commons-dbcp-2.1.1-150200.10.8.1
* tomcat-9.0.87-150200.65.1
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64
x86_64)
* apache-commons-daemon-1.3.4-150200.11.14.1
* apache-commons-daemon-debugsource-1.3.4-150200.11.14.1
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (noarch)
* apache-commons-pool2-2.4.2-150200.11.8.1
* geronimo-annotation-1_0-api-1.2-150200.15.8.1
* tomcat-jsp-2_3-api-9.0.87-150200.65.1
* tomcat-lib-9.0.87-150200.65.1
* jakarta-taglibs-standard-1.1.1-150000.4.10.1
* tomcat-servlet-4_0-api-9.0.87-150200.65.1
* tomcat-webapps-9.0.87-150200.65.1
* geronimo-stax-1_0-api-1.2-150200.15.8.1
* tomcat-admin-webapps-9.0.87-150200.65.1
* geronimo-jta-1_1-api-1.2-150200.15.8.1
* tomcat-el-3_0-api-9.0.87-150200.65.1
* geronimo-jms-1_1-api-1.2-150200.15.8.1
* apache-commons-dbcp-2.1.1-150200.10.8.1
* tomcat-9.0.87-150200.65.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
x86_64)
* apache-commons-daemon-1.3.4-150200.11.14.1
* apache-commons-daemon-debugsource-1.3.4-150200.11.14.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch)
* apache-commons-pool2-2.4.2-150200.11.8.1
* geronimo-annotation-1_0-api-1.2-150200.15.8.1
* tomcat-jsp-2_3-api-9.0.87-150200.65.1
* tomcat-lib-9.0.87-150200.65.1
* jakarta-taglibs-standard-1.1.1-150000.4.10.1
* tomcat-servlet-4_0-api-9.0.87-150200.65.1
* tomcat-webapps-9.0.87-150200.65.1
* geronimo-stax-1_0-api-1.2-150200.15.8.1
* tomcat-admin-webapps-9.0.87-150200.65.1
* geronimo-jta-1_1-api-1.2-150200.15.8.1
* tomcat-el-3_0-api-9.0.87-150200.65.1
* geronimo-jms-1_1-api-1.2-150200.15.8.1
* apache-commons-dbcp-2.1.1-150200.10.8.1
* tomcat-9.0.87-150200.65.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
x86_64)
* apache-commons-daemon-1.3.4-150200.11.14.1
* apache-commons-daemon-debugsource-1.3.4-150200.11.14.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
* apache-commons-pool2-2.4.2-150200.11.8.1
* geronimo-annotation-1_0-api-1.2-150200.15.8.1
* tomcat-jsp-2_3-api-9.0.87-150200.65.1
* tomcat-lib-9.0.87-150200.65.1
* jakarta-taglibs-standard-1.1.1-150000.4.10.1
* tomcat-servlet-4_0-api-9.0.87-150200.65.1
* tomcat-webapps-9.0.87-150200.65.1
* geronimo-stax-1_0-api-1.2-150200.15.8.1
* tomcat-admin-webapps-9.0.87-150200.65.1
* geronimo-jta-1_1-api-1.2-150200.15.8.1
* tomcat-el-3_0-api-9.0.87-150200.65.1
* geronimo-jms-1_1-api-1.2-150200.15.8.1
* apache-commons-dbcp-2.1.1-150200.10.8.1
* tomcat-9.0.87-150200.65.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
x86_64)
* apache-commons-daemon-1.3.4-150200.11.14.1
* apache-commons-daemon-debugsource-1.3.4-150200.11.14.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
* apache-commons-pool2-2.4.2-150200.11.8.1
* geronimo-annotation-1_0-api-1.2-150200.15.8.1
* tomcat-jsp-2_3-api-9.0.87-150200.65.1
* tomcat-lib-9.0.87-150200.65.1
* jakarta-taglibs-standard-1.1.1-150000.4.10.1
* tomcat-servlet-4_0-api-9.0.87-150200.65.1
* tomcat-webapps-9.0.87-150200.65.1
* geronimo-stax-1_0-api-1.2-150200.15.8.1
* tomcat-admin-webapps-9.0.87-150200.65.1
* geronimo-jta-1_1-api-1.2-150200.15.8.1
* tomcat-el-3_0-api-9.0.87-150200.65.1
* geronimo-jms-1_1-api-1.2-150200.15.8.1
* apache-commons-dbcp-2.1.1-150200.10.8.1
* tomcat-9.0.87-150200.65.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (noarch)
* geronimo-annotation-1_0-api-1.2-150200.15.8.1
* geronimo-jms-1_1-api-1.2-150200.15.8.1
* geronimo-stax-1_0-api-1.2-150200.15.8.1
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x
x86_64)
* apache-commons-daemon-1.3.4-150200.11.14.1
* apache-commons-daemon-debugsource-1.3.4-150200.11.14.1
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (noarch)
* apache-commons-pool2-2.4.2-150200.11.8.1
* geronimo-annotation-1_0-api-1.2-150200.15.8.1
* tomcat-jsp-2_3-api-9.0.87-150200.65.1
* tomcat-lib-9.0.87-150200.65.1
* jakarta-taglibs-standard-1.1.1-150000.4.10.1
* tomcat-servlet-4_0-api-9.0.87-150200.65.1
* tomcat-webapps-9.0.87-150200.65.1
* geronimo-stax-1_0-api-1.2-150200.15.8.1
* tomcat-admin-webapps-9.0.87-150200.65.1
* geronimo-jta-1_1-api-1.2-150200.15.8.1
* tomcat-el-3_0-api-9.0.87-150200.65.1
* geronimo-jms-1_1-api-1.2-150200.15.8.1
* apache-commons-dbcp-2.1.1-150200.10.8.1
* tomcat-9.0.87-150200.65.1
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x
x86_64)
* apache-commons-daemon-1.3.4-150200.11.14.1
* apache-commons-daemon-debugsource-1.3.4-150200.11.14.1
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch)
* apache-commons-pool2-2.4.2-150200.11.8.1
* geronimo-annotation-1_0-api-1.2-150200.15.8.1
* tomcat-jsp-2_3-api-9.0.87-150200.65.1
* tomcat-lib-9.0.87-150200.65.1
* jakarta-taglibs-standard-1.1.1-150000.4.10.1
* tomcat-servlet-4_0-api-9.0.87-150200.65.1
* tomcat-webapps-9.0.87-150200.65.1
* geronimo-stax-1_0-api-1.2-150200.15.8.1
* tomcat-admin-webapps-9.0.87-150200.65.1
* geronimo-jta-1_1-api-1.2-150200.15.8.1
* tomcat-el-3_0-api-9.0.87-150200.65.1
* geronimo-jms-1_1-api-1.2-150200.15.8.1
* apache-commons-dbcp-2.1.1-150200.10.8.1
* tomcat-9.0.87-150200.65.1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x
x86_64)
* apache-commons-daemon-1.3.4-150200.11.14.1
* apache-commons-daemon-debugsource-1.3.4-150200.11.14.1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch)
* apache-commons-pool2-2.4.2-150200.11.8.1
* geronimo-annotation-1_0-api-1.2-150200.15.8.1
* tomcat-jsp-2_3-api-9.0.87-150200.65.1
* tomcat-lib-9.0.87-150200.65.1
* jakarta-taglibs-standard-1.1.1-150000.4.10.1
* tomcat-servlet-4_0-api-9.0.87-150200.65.1
* tomcat-webapps-9.0.87-150200.65.1
* geronimo-stax-1_0-api-1.2-150200.15.8.1
* tomcat-admin-webapps-9.0.87-150200.65.1
* geronimo-jta-1_1-api-1.2-150200.15.8.1
* tomcat-el-3_0-api-9.0.87-150200.65.1
* geronimo-jms-1_1-api-1.2-150200.15.8.1
* apache-commons-dbcp-2.1.1-150200.10.8.1
* tomcat-9.0.87-150200.65.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64)
* apache-commons-daemon-1.3.4-150200.11.14.1
* apache-commons-daemon-debugsource-1.3.4-150200.11.14.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP2 (noarch)
* apache-commons-pool2-2.4.2-150200.11.8.1
* geronimo-annotation-1_0-api-1.2-150200.15.8.1
* tomcat-jsp-2_3-api-9.0.87-150200.65.1
* tomcat-lib-9.0.87-150200.65.1
* jakarta-taglibs-standard-1.1.1-150000.4.10.1
* tomcat-servlet-4_0-api-9.0.87-150200.65.1
* tomcat-webapps-9.0.87-150200.65.1
* geronimo-stax-1_0-api-1.2-150200.15.8.1
* tomcat-admin-webapps-9.0.87-150200.65.1
* geronimo-jta-1_1-api-1.2-150200.15.8.1
* tomcat-el-3_0-api-9.0.87-150200.65.1
* geronimo-jms-1_1-api-1.2-150200.15.8.1
* apache-commons-dbcp-2.1.1-150200.10.8.1
* tomcat-9.0.87-150200.65.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
* apache-commons-daemon-1.3.4-150200.11.14.1
* apache-commons-daemon-debugsource-1.3.4-150200.11.14.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch)
* apache-commons-pool2-2.4.2-150200.11.8.1
* geronimo-annotation-1_0-api-1.2-150200.15.8.1
* tomcat-jsp-2_3-api-9.0.87-150200.65.1
* tomcat-lib-9.0.87-150200.65.1
* jakarta-taglibs-standard-1.1.1-150000.4.10.1
* tomcat-servlet-4_0-api-9.0.87-150200.65.1
* tomcat-webapps-9.0.87-150200.65.1
* geronimo-stax-1_0-api-1.2-150200.15.8.1
* tomcat-admin-webapps-9.0.87-150200.65.1
* geronimo-jta-1_1-api-1.2-150200.15.8.1
* tomcat-el-3_0-api-9.0.87-150200.65.1
* geronimo-jms-1_1-api-1.2-150200.15.8.1
* apache-commons-dbcp-2.1.1-150200.10.8.1
* tomcat-9.0.87-150200.65.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
* apache-commons-daemon-1.3.4-150200.11.14.1
* apache-commons-daemon-debugsource-1.3.4-150200.11.14.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch)
* apache-commons-pool2-2.4.2-150200.11.8.1
* geronimo-annotation-1_0-api-1.2-150200.15.8.1
* tomcat-jsp-2_3-api-9.0.87-150200.65.1
* tomcat-lib-9.0.87-150200.65.1
* jakarta-taglibs-standard-1.1.1-150000.4.10.1
* tomcat-servlet-4_0-api-9.0.87-150200.65.1
* tomcat-webapps-9.0.87-150200.65.1
* geronimo-stax-1_0-api-1.2-150200.15.8.1
* tomcat-admin-webapps-9.0.87-150200.65.1
* geronimo-jta-1_1-api-1.2-150200.15.8.1
* tomcat-el-3_0-api-9.0.87-150200.65.1
* geronimo-jms-1_1-api-1.2-150200.15.8.1
* apache-commons-dbcp-2.1.1-150200.10.8.1
* tomcat-9.0.87-150200.65.1
* SUSE Manager Server 4.3 (ppc64le s390x x86_64)
* apache-commons-daemon-1.3.4-150200.11.14.1
* apache-commons-daemon-debugsource-1.3.4-150200.11.14.1
* SUSE Manager Server 4.3 (noarch)
* apache-commons-pool2-2.4.2-150200.11.8.1
* tomcat-jsp-2_3-api-9.0.87-150200.65.1
* tomcat-lib-9.0.87-150200.65.1
* jakarta-taglibs-standard-1.1.1-150000.4.10.1
* tomcat-servlet-4_0-api-9.0.87-150200.65.1
* tomcat-webapps-9.0.87-150200.65.1
* tomcat-admin-webapps-9.0.87-150200.65.1
* geronimo-jta-1_1-api-1.2-150200.15.8.1
* tomcat-el-3_0-api-9.0.87-150200.65.1
* apache-commons-dbcp-2.1.1-150200.10.8.1
* tomcat-9.0.87-150200.65.1
* SUSE Enterprise Storage 7.1 (aarch64 x86_64)
* apache-commons-daemon-1.3.4-150200.11.14.1
* apache-commons-daemon-debugsource-1.3.4-150200.11.14.1
* SUSE Enterprise Storage 7.1 (noarch)
* apache-commons-pool2-2.4.2-150200.11.8.1
* geronimo-annotation-1_0-api-1.2-150200.15.8.1
* tomcat-jsp-2_3-api-9.0.87-150200.65.1
* tomcat-lib-9.0.87-150200.65.1
* jakarta-taglibs-standard-1.1.1-150000.4.10.1
* tomcat-servlet-4_0-api-9.0.87-150200.65.1
* tomcat-webapps-9.0.87-150200.65.1
* geronimo-stax-1_0-api-1.2-150200.15.8.1
* tomcat-admin-webapps-9.0.87-150200.65.1
* geronimo-jta-1_1-api-1.2-150200.15.8.1
* tomcat-el-3_0-api-9.0.87-150200.65.1
* geronimo-jms-1_1-api-1.2-150200.15.8.1
* apache-commons-dbcp-2.1.1-150200.10.8.1
* tomcat-9.0.87-150200.65.1

## References:

* https://www.suse.com/security/cve/CVE-2024-23672.html
* https://www.suse.com/security/cve/CVE-2024-24549.html
* https://bugzilla.suse.com/show_bug.cgi?id=1221385
* https://bugzilla.suse.com/show_bug.cgi?id=1221386



SUSE-SU-2024:1332-2: important: Security update for the Linux Kernel


# Security update for the Linux Kernel

Announcement ID: SUSE-SU-2024:1332-2
Rating: important
References:

* bsc#1194869
* bsc#1200465
* bsc#1205316
* bsc#1207948
* bsc#1209635
* bsc#1209657
* bsc#1212514
* bsc#1213456
* bsc#1214852
* bsc#1215221
* bsc#1215322
* bsc#1217339
* bsc#1217959
* bsc#1217987
* bsc#1217988
* bsc#1217989
* bsc#1218321
* bsc#1218336
* bsc#1218479
* bsc#1218643
* bsc#1218777
* bsc#1219169
* bsc#1219170
* bsc#1219264
* bsc#1219834
* bsc#1220114
* bsc#1220176
* bsc#1220237
* bsc#1220251
* bsc#1220320
* bsc#1220337
* bsc#1220340
* bsc#1220365
* bsc#1220366
* bsc#1220398
* bsc#1220411
* bsc#1220413
* bsc#1220439
* bsc#1220443
* bsc#1220445
* bsc#1220466
* bsc#1220478
* bsc#1220482
* bsc#1220484
* bsc#1220486
* bsc#1220487
* bsc#1220492
* bsc#1220703
* bsc#1220775
* bsc#1220790
* bsc#1220797
* bsc#1220831
* bsc#1220833
* bsc#1220836
* bsc#1220839
* bsc#1220840
* bsc#1220843
* bsc#1220870
* bsc#1220871
* bsc#1220872
* bsc#1220878
* bsc#1220879
* bsc#1220883
* bsc#1220885
* bsc#1220887
* bsc#1220898
* bsc#1220918
* bsc#1220920
* bsc#1220921
* bsc#1220926
* bsc#1220927
* bsc#1220929
* bsc#1220932
* bsc#1220937
* bsc#1220938
* bsc#1220940
* bsc#1220954
* bsc#1220955
* bsc#1220959
* bsc#1220960
* bsc#1220961
* bsc#1220965
* bsc#1220969
* bsc#1220978
* bsc#1220979
* bsc#1220981
* bsc#1220982
* bsc#1220983
* bsc#1220985
* bsc#1220986
* bsc#1220987
* bsc#1220989
* bsc#1220990
* bsc#1221009
* bsc#1221012
* bsc#1221015
* bsc#1221022
* bsc#1221039
* bsc#1221040
* bsc#1221044
* bsc#1221045
* bsc#1221046
* bsc#1221048
* bsc#1221055
* bsc#1221056
* bsc#1221058
* bsc#1221060
* bsc#1221061
* bsc#1221062
* bsc#1221066
* bsc#1221067
* bsc#1221068
* bsc#1221069
* bsc#1221070
* bsc#1221071
* bsc#1221077
* bsc#1221082
* bsc#1221090
* bsc#1221097
* bsc#1221156
* bsc#1221252
* bsc#1221273
* bsc#1221274
* bsc#1221276
* bsc#1221277
* bsc#1221291
* bsc#1221293
* bsc#1221298
* bsc#1221337
* bsc#1221338
* bsc#1221375
* bsc#1221379
* bsc#1221551
* bsc#1221553
* bsc#1221613
* bsc#1221614
* bsc#1221616
* bsc#1221618
* bsc#1221631
* bsc#1221633
* bsc#1221713
* bsc#1221777
* bsc#1221814
* bsc#1221816
* bsc#1221830
* bsc#1221951
* bsc#1222033
* bsc#1222056
* bsc#1222060
* bsc#1222070
* bsc#1222073
* bsc#1222117
* bsc#1222274
* bsc#1222291
* bsc#1222300
* bsc#1222304
* bsc#1222317
* bsc#1222331
* bsc#1222355
* bsc#1222356
* bsc#1222360
* bsc#1222366
* bsc#1222373
* bsc#1222619
* jsc#PED-5759
* jsc#PED-7167
* jsc#PED-7619

Cross-References:

* CVE-2021-46925
* CVE-2021-46926
* CVE-2021-46927
* CVE-2021-46929
* CVE-2021-46930
* CVE-2021-46931
* CVE-2021-46933
* CVE-2021-46936
* CVE-2021-47082
* CVE-2021-47087
* CVE-2021-47091
* CVE-2021-47093
* CVE-2021-47094
* CVE-2021-47095
* CVE-2021-47096
* CVE-2021-47097
* CVE-2021-47098
* CVE-2021-47099
* CVE-2021-47100
* CVE-2021-47101
* CVE-2021-47102
* CVE-2021-47104
* CVE-2021-47105
* CVE-2021-47107
* CVE-2021-47108
* CVE-2022-4744
* CVE-2022-48626
* CVE-2022-48629
* CVE-2022-48630
* CVE-2023-0160
* CVE-2023-28746
* CVE-2023-35827
* CVE-2023-4881
* CVE-2023-52447
* CVE-2023-52450
* CVE-2023-52453
* CVE-2023-52454
* CVE-2023-52469
* CVE-2023-52470
* CVE-2023-52474
* CVE-2023-52476
* CVE-2023-52477
* CVE-2023-52481
* CVE-2023-52484
* CVE-2023-52486
* CVE-2023-52492
* CVE-2023-52493
* CVE-2023-52494
* CVE-2023-52497
* CVE-2023-52500
* CVE-2023-52501
* CVE-2023-52502
* CVE-2023-52504
* CVE-2023-52507
* CVE-2023-52508
* CVE-2023-52509
* CVE-2023-52510
* CVE-2023-52511
* CVE-2023-52513
* CVE-2023-52515
* CVE-2023-52517
* CVE-2023-52518
* CVE-2023-52519
* CVE-2023-52520
* CVE-2023-52523
* CVE-2023-52524
* CVE-2023-52525
* CVE-2023-52528
* CVE-2023-52529
* CVE-2023-52532
* CVE-2023-52563
* CVE-2023-52564
* CVE-2023-52566
* CVE-2023-52567
* CVE-2023-52569
* CVE-2023-52574
* CVE-2023-52575
* CVE-2023-52576
* CVE-2023-52582
* CVE-2023-52583
* CVE-2023-52587
* CVE-2023-52591
* CVE-2023-52594
* CVE-2023-52595
* CVE-2023-52597
* CVE-2023-52598
* CVE-2023-52599
* CVE-2023-52600
* CVE-2023-52601
* CVE-2023-52602
* CVE-2023-52603
* CVE-2023-52604
* CVE-2023-52605
* CVE-2023-52606
* CVE-2023-52607
* CVE-2023-52608
* CVE-2023-52612
* CVE-2023-52615
* CVE-2023-52617
* CVE-2023-52619
* CVE-2023-52621
* CVE-2023-52623
* CVE-2023-52628
* CVE-2023-52632
* CVE-2023-52637
* CVE-2023-52639
* CVE-2023-6356
* CVE-2023-6535
* CVE-2023-6536
* CVE-2023-7042
* CVE-2023-7192
* CVE-2024-0841
* CVE-2024-2201
* CVE-2024-22099
* CVE-2024-23307
* CVE-2024-25739
* CVE-2024-26599
* CVE-2024-26600
* CVE-2024-26602
* CVE-2024-26612
* CVE-2024-26614
* CVE-2024-26620
* CVE-2024-26627
* CVE-2024-26629
* CVE-2024-26642
* CVE-2024-26645
* CVE-2024-26646
* CVE-2024-26651
* CVE-2024-26654
* CVE-2024-26659
* CVE-2024-26664
* CVE-2024-26667
* CVE-2024-26670
* CVE-2024-26695
* CVE-2024-26717

CVSS scores:

* CVE-2021-46925 ( SUSE ): 5.3 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-46925 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-46926 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-46927 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-46927 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-46929 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
* CVE-2021-46929 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-46930 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
* CVE-2021-46930 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-46931 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-46931 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-46933 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
* CVE-2021-46933 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-46936 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-46936 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2021-47082 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47087 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
* CVE-2021-47093 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H
* CVE-2021-47094 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2021-47095 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47096 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
* CVE-2021-47097 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2021-47099 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47100 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47101 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
* CVE-2021-47102 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47104 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2021-47105 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2021-47107 ( SUSE ): 6.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
* CVE-2021-47108 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-4744 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-4744 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48626 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
* CVE-2022-48626 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48629 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2022-48630 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-0160 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-0160 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-28746 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
* CVE-2023-35827 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-4881 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L
* CVE-2023-4881 ( NVD ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
* CVE-2023-52447 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-52447 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-52450 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52450 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52454 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52469 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
* CVE-2023-52469 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-52470 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52470 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52474 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
* CVE-2023-52474 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-52476 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52477 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52484 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52486 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52492 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52493 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52494 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52497 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
* CVE-2023-52500 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
* CVE-2023-52501 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2023-52502 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-52504 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52507 ( SUSE ): 5.7 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2023-52508 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52509 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-52510 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-52511 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52513 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52515 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52517 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52518 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52519 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52520 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52523 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52524 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52525 ( SUSE ): 3.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
* CVE-2023-52528 ( SUSE ): 3.5 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
* CVE-2023-52529 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52532 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52563 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52564 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52566 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52567 ( SUSE ): 2.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L
* CVE-2023-52569 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52574 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52575 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52576 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52582 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52583 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52587 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52591 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2023-52594 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52595 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52597 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:H
* CVE-2023-52598 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52603 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52605 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52606 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52607 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52608 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52612 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H
* CVE-2023-52615 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52617 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52619 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52621 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52623 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52628 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-52632 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52637 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52639 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-6356 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-6356 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-6535 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-6535 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-6536 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-6536 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-7042 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-7042 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-7192 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-7192 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-0841 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-0841 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-2201 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
* CVE-2024-22099 ( SUSE ): 5.3 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-22099 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-23307 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-23307 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-25739 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-25739 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26599 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
* CVE-2024-26599 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26600 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26600 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26602 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2024-26602 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26612 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26614 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26627 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26629 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2024-26642 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26645 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26646 ( SUSE ): 4.9 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
* CVE-2024-26651 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26654 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26659 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26664 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26667 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26670 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26695 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26717 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* openSUSE Leap 15.5
* Public Cloud Module 15-SP5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP5

An update that solves 135 vulnerabilities, contains three features and has 29
security fixes can now be installed.

## Description:

The SUSE Linux Enterprise 15 SP5 Azure kernel was updated to receive various
security bugfixes.

NOTE: This update has been retracted due to a bug in the BHI CPU sidechannel
mitigation, which led to incorrect selection of other CPU mitigations.

The following security bugs were fixed:

* CVE-2021-46925: Fixed kernel panic caused by race of smc_sock (bsc#1220466).
* CVE-2021-46926: Fixed bug when detecting controllers in ALSA/hda/intel-sdw-
acpi (bsc#1220478).
* CVE-2021-46927: Fixed assertion bug in nitro_enclaves: Use
get_user_pages_unlocked() (bsc#1220443).
* CVE-2021-46929: Fixed use-after-free issue in sctp_sock_dump()
(bsc#1220482).
* CVE-2021-46930: Fixed usb/mtu3 list_head check warning (bsc#1220484).
* CVE-2021-46931: Fixed wrong type casting in mlx5e_tx_reporter_dump_sq()
(bsc#1220486).
* CVE-2021-46933: Fixed possible underflow in ffs_data_clear() (bsc#1220487).
* CVE-2021-46936: Fixed use-after-free in tw_timer_handler() (bsc#1220439).
* CVE-2021-47082: Fixed ouble free in tun_free_netdev() (bsc#1220969).
* CVE-2021-47087: Fixed incorrect page free bug in tee/optee (bsc#1220954).
* CVE-2021-47091: Fixed locking in ieee80211_start_ap()) error path
(bsc#1220959).
* CVE-2021-47093: Fixed memleak on registration failure in intel_pmc_core
(bsc#1220978).
* CVE-2021-47094: Fixed possible memory leak in KVM x86/mmu (bsc#1221551).
* CVE-2021-47095: Fixed missing initialization in ipmi/ssif (bsc#1220979).
* CVE-2021-47096: Fixed uninitalized user_pversion in ALSA rawmidi
(bsc#1220981).
* CVE-2021-47097: Fixed stack out of bound access in
elantech_change_report_id() (bsc#1220982).
* CVE-2021-47098: Fixed integer overflow/underflow in hysteresis calculations
hwmon: (lm90) (bsc#1220983).
* CVE-2021-47099: Fixed BUG_ON assertion in veth when skb entering GRO are
cloned (bsc#1220955).
* CVE-2021-47100: Fixed UAF when uninstall in ipmi (bsc#1220985).
* CVE-2021-47101: Fixed uninit-value in asix_mdio_read() (bsc#1220987).
* CVE-2021-47102: Fixed incorrect structure access In line: upper =
info->upper_dev in net/marvell/prestera (bsc#1221009).
* CVE-2021-47104: Fixed memory leak in qib_user_sdma_queue_pkts()
(bsc#1220960).
* CVE-2021-47105: Fixed potential memory leak in ice/xsk (bsc#1220961).
* CVE-2021-47107: Fixed READDIR buffer overflow in NFSD (bsc#1220965).
* CVE-2021-47108: Fixed possible NULL pointer dereference for mtk_hdmi_conf in
drm/mediatek (bsc#1220986).
* CVE-2022-4744: Fixed double-free that could lead to DoS or privilege
escalation in TUN/TAP device driver functionality (bsc#1209635).
* CVE-2022-48626: Fixed a potential use-after-free on remove path moxart
(bsc#1220366).
* CVE-2022-48629: Fixed possible memory leak in qcom-rng (bsc#1220989).
* CVE-2022-48630: Fixed infinite loop on requests not multiple of WORD_SZ in
crypto: qcom-rng (bsc#1220990).
* CVE-2023-0160: Fixed deadlock flaw in BPF that could allow a local user to
potentially crash the system (bsc#1209657).
* CVE-2023-28746: Fixed Register File Data Sampling (bsc#1213456).
* CVE-2023-35827: Fixed a use-after-free issue in ravb_tx_timeout_work()
(bsc#1212514).
* CVE-2023-4881: Fixed a out-of-bounds write flaw in the netfilter subsystem
that could lead to potential information disclosure or a denial of service
(bsc#1215221).
* CVE-2023-52447: Fixed map_fd_put_ptr() signature kABI workaround
(bsc#1220251).
* CVE-2023-52450: Fixed NULL pointer dereference issue in upi_fill_topology()
(bsc#1220237).
* CVE-2023-52453: Fixed data corruption in hisi_acc_vfio_pci (bsc#1220337).
* CVE-2023-52454: Fixed a kernel panic when host sends an invalid H2C PDU
length (bsc#1220320).
* CVE-2023-52469: Fixed a use-after-free in kv_parse_power_table
(bsc#1220411).
* CVE-2023-52470: Fixed null-ptr-deref in radeon_crtc_init() (bsc#1220413).
* CVE-2023-52474: Fixed a vulnerability with non-PAGE_SIZE-end multi-iovec
user SDMA requests (bsc#1220445).
* CVE-2023-52476: Fixed possible unhandled page fault via perf sampling NMI
during vsyscall (bsc#1220703).
* CVE-2023-52477: Fixed USB Hub accesses to uninitialized BOS descriptors
(bsc#1220790).
* CVE-2023-52481: Fixed speculative unprivileged load in Cortex-A520
(bsc#1220887).
* CVE-2023-52484: Fixed a soft lockup triggered by
arm_smmu_mm_invalidate_range (bsc#1220797).
* CVE-2023-52486: Fixed possible use-after-free in drm (bsc#1221277).
* CVE-2023-52492: Fixed a null-pointer-dereference in channel unregistration
function __dma_async_device_channel_register() (bsc#1221276).
* CVE-2023-52493: Fixed possible soft lockup in bus/mhi/host (bsc#1221274).
* CVE-2023-52494: Fixed missing alignment check for event ring read pointer in
bus/mhi/host (bsc#1221273).
* CVE-2023-52497: Fixed data corruption in erofs (bsc#1220879).
* CVE-2023-52500: Fixed information leaking when processing
OPC_INB_SET_CONTROLLER_CONFIG command (bsc#1220883).
* CVE-2023-52501: Fixed possible memory corruption in ring-buffer
(bsc#1220885).
* CVE-2023-52502: Fixed a race condition in nfc_llcp_sock_get() and
nfc_llcp_sock_get_sn() (bsc#1220831).
* CVE-2023-52504: Fixed possible out-of bounds in apply_alternatives() on a
5-level paging machine (bsc#1221553).
* CVE-2023-52507: Fixed possible shift-out-of-bounds in nfc/nci (bsc#1220833).
* CVE-2023-52508: Fixed null pointer dereference in nvme_fc_io_getuuid()
(bsc#1221015).
* CVE-2023-52509: Fixed a use-after-free issue in ravb_tx_timeout_work()
(bsc#1220836).
* CVE-2023-52510: Fixed a potential UAF in ca8210_probe() (bsc#1220898).
* CVE-2023-52511: Fixed possible memory corruption in spi/sun6i (bsc#1221012).
* CVE-2023-52513: Fixed connection failure handling in RDMA/siw (bsc#1221022).
* CVE-2023-52515: Fixed possible use-after-free in RDMA/srp (bsc#1221048).
* CVE-2023-52517: Fixed race between DMA RX transfer completion and RX FIFO
drain in spi/sun6i (bsc#1221055).
* CVE-2023-52518: Fixed information leak in bluetooth/hci_codec (bsc#1221056).
* CVE-2023-52519: Fixed possible overflow in HID/intel-ish-hid/ipc
(bsc#1220920).
* CVE-2023-52520: Fixed reference leak in platform/x86/think-lmi
(bsc#1220921).
* CVE-2023-52523: Fixed wrong redirects to non-TCP sockets in bpf
(bsc#1220926).
* CVE-2023-52524: Fixed possible corruption in nfc/llcp (bsc#1220927).
* CVE-2023-52525: Fixed out of bounds check mwifiex_process_rx_packet()
(bsc#1220840).
* CVE-2023-52528: Fixed uninit-value access in __smsc75xx_read_reg()
(bsc#1220843).
* CVE-2023-52529: Fixed a potential memory leak in sony_probe() (bsc#1220929).
* CVE-2023-52532: Fixed a bug in TX CQE error handling (bsc#1220932).
* CVE-2023-52563: Fixed memory leak on ->hpd_notify callback() in drm/meson
(bsc#1220937).
* CVE-2023-52564: Reverted invalid fix for UAF in gsm_cleanup_mux()
(bsc#1220938).
* CVE-2023-52566: Fixed potential use after free in
nilfs_gccache_submit_read_data() (bsc#1220940).
* CVE-2023-52567: Fixed possible Oops in serial/8250_port: when using IRQ
polling (irq = 0) (bsc#1220839).
* CVE-2023-52569: Fixed a bug in btrfs by remoning BUG() after failure to
insert delayed dir index item (bsc#1220918).
* CVE-2023-52574: Fixed a bug by hiding new member header_ops (bsc#1220870).
* CVE-2023-52575: Fixed SBPB enablement for spec_rstack_overflow=off
(bsc#1220871).
* CVE-2023-52576: Fixed potential use after free in memblock_isolate_range()
(bsc#1220872).
* CVE-2023-52582: Fixed possible oops in netfs (bsc#1220878).
* CVE-2023-52583: Fixed deadlock or deadcode of misusing dget() inside ceph
(bsc#1221058).
* CVE-2023-52587: Fixed mcast list locking in IB/ipoib (bsc#1221082).
* CVE-2023-52591: Fixed a possible reiserfs filesystem corruption via
directory renaming (bsc#1221044).
* CVE-2023-52594: Fixed potential array-index-out-of-bounds read in
ath9k_htc_txstatus() (bsc#1221045).
* CVE-2023-52595: Fixed possible deadlock in wifi/rt2x00 (bsc#1221046).
* CVE-2023-52597: Fixed a setting of fpc register in KVM (bsc#1221040).
* CVE-2023-52598: Fixed wrong setting of fpc register in s390/ptrace
(bsc#1221060).
* CVE-2023-52599: Fixed array-index-out-of-bounds in diNewExt() in jfs
(bsc#1221062).
* CVE-2023-52600: Fixed uaf in jfs_evict_inode() (bsc#1221071).
* CVE-2023-52601: Fixed array-index-out-of-bounds in dbAdjTree() in jfs
(bsc#1221068).
* CVE-2023-52602: Fixed slab-out-of-bounds Read in dtSearch() in jfs
(bsc#1221070).
* CVE-2023-52603: Fixed array-index-out-of-bounds in dtSplitRoot()
(bsc#1221066).
* CVE-2023-52604: Fixed array-index-out-of-bounds in dbAdjTree()
(bsc#1221067).
* CVE-2023-52605: Fixed a NULL pointer dereference check (bsc#1221039)
* CVE-2023-52606: Fixed possible kernel stack corruption in powerpc/lib
(bsc#1221069).
* CVE-2023-52607: Fixed a null-pointer-dereference in pgtable_cache_add
kasprintf() (bsc#1221061).
* CVE-2023-52608: Fixed possible race condition in firmware/arm_scmi
(bsc#1221375).
* CVE-2023-52612: Fixed req->dst buffer overflow in crypto/scomp
(bsc#1221616).
* CVE-2023-52615: Fixed page fault dead lock on mmap-ed hwrng (bsc#1221614).
* CVE-2023-52617: Fixed stdev_release() crash after surprise hot remove
(bsc#1221613).
* CVE-2023-52619: Fixed possible crash when setting number of cpus to an odd
number in pstore/ram (bsc#1221618).
* CVE-2023-52621: Fixed missing asserion in bpf (bsc#1222073).
* CVE-2023-52623: Fixed suspicious RCU usage in SUNRPC (bsc#1222060).
* CVE-2023-52628: Fixed 4-byte stack OOB write in nftables (bsc#1222117).
* CVE-2023-52632: Fixed lock dependency warning with srcu in drm/amdkfd
(bsc#1222274).
* CVE-2023-52637: Fixed UAF in j1939_sk_match_filter() in can/k1939
(bsc#1222291).
* CVE-2023-52639: Fixed race during shadow creation in KVM/s390/vsie Fixed
(bsc#1222300).
* CVE-2023-6356: Fixed a NULL pointer dereference in nvmet_tcp_build_pdu_iovec
(bsc#1217987).
* CVE-2023-6535: Fixed a NULL pointer dereference in nvmet_tcp_execute_request
(bsc#1217988).
* CVE-2023-6536: Fixed a NULL pointer dereference in __nvmet_req_complete
(bsc#1217989).
* CVE-2023-7042: Fixed a null-pointer-dereference in
ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() (bsc#1218336).
* CVE-2023-7192: Fixed a memory leak problem in ctnetlink_create_conntrack in
net/netfilter/nf_conntrack_netlink.c (bsc#1218479).
* CVE-2024-0841: Fixed null pointer dereference in hugetlbfs_fill_super()
(bsc#1219264).
* CVE-2024-2201: Fixed information leak in x86/BHI (bsc#1217339).
* CVE-2024-22099: Fixed a null-pointer-dereference in rfcomm_check_security
(bsc#1219170).
* CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86
and ARM md, raid, raid5 modules (bsc#1219169).
* CVE-2024-25739: Fixed possible crash in create_empty_lvol() in
drivers/mtd/ubi/vtbl.c (bsc#1219834).
* CVE-2024-26599: Fixed out-of-bounds access in of_pwm_single_xlate()
(bsc#1220365).
* CVE-2024-26600: Fixed NULL pointer dereference for SRP in phy-omap-usb2
(bsc#1220340).
* CVE-2024-26602: Fixed overall slowdowns with sys_membarrier (bsc1220398).
* CVE-2024-26612: Fixed Oops in fscache_put_cache() This function dereferences
(bsc#1221291).
* CVE-2024-26614: Fixed the initialization of accept_queue's spinlocks
(bsc#1221293).
* CVE-2024-26620: Fixed possible device model violation in s390/vfio-ap
(bsc#1221298).
* CVE-2024-26627: Fixed possible hard lockup in scsi (bsc#1221090).
* CVE-2024-26629: Fixed possible protocol violation via RELEASE_LOCKOWNER in
nfsd (bsc#1221379).
* CVE-2024-26642: Fixed the set of anonymous timeout flag in netfilter
nf_tables (bsc#1221830).
* CVE-2024-26645: Fixed missing visibility when inserting an element into
tracing_map (bsc#1222056).
* CVE-2024-26646: Fixed potential memory corruption when resuming from suspend
or hibernation in thermal/intel/hfi (bsc#1222070).
* CVE-2024-26651: Fixed possible oops via malicious devices in sr9800
(bsc#1221337).
* CVE-2024-26654: Fixed use after free in ALSA/sh/aica (bsc#1222304).
* CVE-2024-26659: Fixed wrong handling of isoc Babble and Buffer Overrun
events in xhci (bsc#1222317).
* CVE-2024-26664: Fixed out-of-bounds memory access in create_core_data() in
hwmon coretemp (bsc#1222355).
* CVE-2024-26667: Fixed null pointer reference in
dpu_encoder_helper_phys_cleanup in drm/msm/dpu (bsc#1222331).
* CVE-2024-26670: Fixed ARM64_WORKAROUND_SPECULATIVE_UNPRIV_LOAD workaround in
kernel arm64 (bsc#1222356).
* CVE-2024-26695: Fixed null pointer dereference in
__sev_platform_shutdown_locked in crypto ccp (bsc#1222373).
* CVE-2024-26717: Fixed null pointer dereference on failed power up in HID
i2c-hid-of (bsc#1222360).

The following non-security bugs were fixed:

* Revert "PCI: tegra194: Enable support for 256 Byte payload" (git-fixes).
* Revert "Revert "drm/amdgpu/display: change pipe policy for DCN 2.0"" (git-
fixes).
* Revert "SUNRPC dont update timeout value on connection reset" (git-fixes).
* Revert "drm/amd: Disable PSR-SU on Parade 0803 TCON" (git-fixes).
* Revert "drm/amd: Disable S/G for APUs when 64GB or more host memory" (git-
fixes).
* Revert "drm/amdgpu/display: change pipe policy for DCN 2.0" (git-fixes).
* Revert "drm/amdgpu/display: change pipe policy for DCN 2.1" (git-fixes).
* Revert "drm/vc4: hdmi: Enforce the minimum rate at runtime_resume" (git-
fixes).
* Revert "fbdev: flush deferred IO before closing (git-fixes)." (bsc#1221814)
* acpi: CPPC: enable AMD CPPC V2 support for family 17h processors (git-
fixes).
* acpi: processor_idle: Fix memory leak in acpi_processor_power_exit() (git-
fixes).
* acpi: resource: Add Infinity laptops to irq1_edge_low_force_override
(stable-fixes).
* acpi: resource: Add MAIBENBEN X577 to irq1_edge_low_force_override (git-
fixes).
* acpi: resource: Do IRQ override on Lunnen Ground laptops (stable-fixes).
* acpi: scan: Fix device check notification handling (git-fixes).
* acpica: debugger: check status of acpi_evaluate_object() in
acpi_db_walk_for_fields() (git-fixes).
* alsa: aaci: Delete unused variable in aaci_do_suspend (git-fixes).
* alsa: aoa: avoid false-positive format truncation warning (git-fixes).
* alsa: aw2: avoid casting function pointers (git-fixes).
* alsa: ctxfi: avoid casting function pointers (git-fixes).
* alsa: hda/realtek - ALC285 reduce pop noise from Headphone port (stable-
fixes).
* alsa: hda/realtek - Add Headset Mic supported Acer NB platform (stable-
fixes).
* alsa: hda/realtek - Fix headset Mic no show at resume back for Lenovo ALC897
platform (git-fixes).
* alsa: hda/realtek: Enable Mute LED on HP 840 G8 (MB 8AB8) (git-fixes).
* alsa: hda/realtek: Update Panasonic CF-SZ6 quirk to support headset with
microphone (git-fixes).
* alsa: hda/realtek: fix ALC285 issues on HP Envy x360 laptops (stable-fixes).
* alsa: hda/realtek: fix mute/micmute LED For HP mt440 (git-fixes).
* alsa: hda/realtek: fix mute/micmute LEDs for HP EliteBook (stable-fixes).
* alsa: seq: fix function cast warnings (git-fixes).
* alsa: sh: aica: reorder cleanup operations to avoid UAF bugs (git-fixes).
* alsa: usb-audio: Stop parsing channels bits when all channels are found
(git-fixes).
* arm64: dts: allwinner: h6: Add RX DMA channel for SPDIF (git-fixes)
* arm64: dts: broadcom: bcmbca: bcm4908: drop invalid switch cells (git-fixes)
* arm64: dts: imx8mm-kontron: Add support for ultra high speed modes on (git-
fixes)
* arm64: dts: imx8mm-venice-gw71xx: fix USB OTG VBUS (git-fixes)
* arm64: dts: marvell: reorder crypto interrupts on Armada SoCs (git-fixes)
* arm64: dts: rockchip: add ES8316 codec for ROCK Pi 4 (git-fixes)
* arm64: dts: rockchip: add SPDIF node for ROCK Pi 4 (git-fixes)
* arm64: dts: rockchip: fix regulator name on rk3399-rock-4 (git-fixes)
* arm64: dts: rockchip: set num-cs property for spi on px30 (git-fixes)
* arm64: mm: fix VA-range sanity check (git-fixes)
* arm64: set __exception_irq_entry with __irq_entry as a default (git-fixes)
* asoc: Intel: bytcr_rt5640: Add an extra entry for the Chuwi Vi8 tablet
(stable-fixes).
* asoc: amd: acp: Add missing error handling in sof-mach (git-fixes).
* asoc: amd: acp: fix for acp_init function error handling (git-fixes).
* asoc: madera: Fix typo in madera_set_fll_clks shift value (git-fixes).
* asoc: meson: Use dev_err_probe() helper (stable-fixes).
* asoc: meson: aiu: fix function pointer type mismatch (git-fixes).
* asoc: meson: axg-tdm-interface: add frame rate constraint (git-fixes).
* asoc: meson: axg-tdm-interface: fix mclk setup without mclk-fs (git-fixes).
* asoc: meson: t9015: fix function pointer type mismatch (git-fixes).
* asoc: ops: Fix wraparound for mask in snd_soc_get_volsw (git-fixes).
* asoc: rcar: adg: correct TIMSEL setting for SSI9 (git-fixes).
* asoc: rt5645: Make LattePanda board DMI match more precise (stable-fixes).
* asoc: rt5682-sdw: fix locking sequence (git-fixes).
* asoc: rt711-sdca: fix locking sequence (git-fixes).
* asoc: rt711-sdw: fix locking sequence (git-fixes).
* asoc: wm8962: Enable both SPKOUTR_ENA and SPKOUTL_ENA in mono mode (stable-
fixes).
* asoc: wm8962: Enable oscillator if selecting WM8962_FLL_OSC (stable-fixes).
* asoc: wm8962: Fix up incorrect error message in wm8962_set_fll (stable-
fixes).
* ata: sata_mv: Fix PCI device ID table declaration compilation warning (git-
fixes).
* ata: sata_sx4: fix pdc20621_get_from_dimm() on 64-bit (git-fixes).
* backlight: da9052: Fully initialize backlight_properties during probe (git-
fixes).
* backlight: lm3630a: Do not set bl->props.brightness in get_brightness (git-
fixes).
* backlight: lm3630a: Initialize backlight_properties on init (git-fixes).
* backlight: lm3639: Fully initialize backlight_properties during probe (git-
fixes).
* backlight: lp8788: Fully initialize backlight_properties during probe (git-
fixes).
* blocklayoutdriver: Fix reference leak of pnfs_device_node (git-fixes).
* bluetooth: hci_core: Fix possible buffer overflow (git-fixes).
* bluetooth: mgmt: Remove leftover queuing of power_off work (git-fixes).
* bluetooth: remove HCI_POWER_OFF_TIMEOUT (git-fixes).
* bluetooth: remove superfluous call to hci_conn_check_pending() (git-fixes).
* bluetooth: rfcomm: Fix null-ptr-deref in rfcomm_check_security (stable-
fixes).
* bpf, scripts: Correct GPL license name (git-fixes).
* bpf, sockmap: Fix preempt_rt splat when using raw_spin_lock_t (git-fixes).
* can: softing: remove redundant NULL check (git-fixes).
* clk: zynq: Prevent null pointer dereference caused by kmalloc failure (git-
fixes).
* comedi: comedi_test: Prevent timers rescheduling during deletion (git-
fixes).
* coresight: etm4x: Do not access TRCIDR1 for identification (bsc#1220775)
* coresight: etm4x: Fix accesses to TRCSEQRSTEVR and TRCSEQSTR (bsc#1220775)
* coresight: etm: Override TRCIDR3.CCITMIN on errata affected cpus
(bsc#1220775)
* cpufreq: amd-pstate: Fix min_perf assignment in amd_pstate_adjust_perf()
(git-fixes).
* cpufreq: brcmstb-avs-cpufreq: add check for cpufreq_cpu_get's return value
(git-fixes).
* crypto: arm/sha - fix function cast warnings (git-fixes).
* crypto: qat - avoid division by zero (git-fixes).
* crypto: qat - fix deadlock in backlog processing (git-fixes).
* crypto: qat - fix double free during reset (git-fixes).
* crypto: qat - fix state machines cleanup paths (bsc#1218321).
* crypto: qat - fix unregistration of compression algorithms (git-fixes).
* crypto: qat - fix unregistration of crypto algorithms (git-fixes).
* crypto: qat - ignore subsequent state up commands (git-fixes).
* crypto: qat - increase size of buffers (git-fixes).
* crypto: qat - resolve race condition during AER recovery (git-fixes).
* crypto: xilinx - call finalize with bh disabled (git-fixes).
* doc-guide: kernel-doc: tell about object-like macros (git-fixes).
* doc/README.SUSE: Update information about module support status
(jsc#PED-5759)
* drivers: hv: vmbus: Calculate ring buffer size for more efficient use of
memory (git-fixes).
* drm/amd/display: Add FAMS validation before trying to use it (git-fixes).
* drm/amd/display: Add function for validate and update new stream (git-
fixes).
* drm/amd/display: Avoid ABM when ODM combine is enabled for eDP (git-fixes).
* drm/amd/display: Blocking invalid 420 modes on HDMI TMDS for DCN31 (git-
fixes).
* drm/amd/display: Check if link state is valid (git-fixes).
* drm/amd/display: Copy DC context in the commit streams (git-fixes).
* drm/amd/display: Disable PSR-SU on Parade 0803 TCON again (git-fixes).
* drm/amd/display: Enable fast plane updates on DCN3.2 and above (git-fixes).
* drm/amd/display: Enable new commit sequence only for DCN32x (git-fixes).
* drm/amd/display: Exit idle optimizations before attempt to access PHY (git-
fixes).
* drm/amd/display: Expand kernel doc for DC (git-fixes).
* drm/amd/display: Fix a bug when searching for insert_above_mpcc (git-fixes).
* drm/amd/display: Fix a potential buffer overflow in 'dp_dsc_clock_en_read()'
(git-fixes).
* drm/amd/display: Fix possible underflow for displays with large vblank (git-
fixes).
* drm/amd/display: Fix the delta clamping for shaper LUT (git-fixes).
* drm/amd/display: Fix underflow issue on 175hz timing (git-fixes).
* drm/amd/display: For prefetch mode > 0, extend prefetch if possible (git-
fixes).
* drm/amd/display: Guard DCN31 PHYD32CLK logic against chip family (git-
fixes).
* drm/amd/display: Guard against invalid RPTR/WPTR being set (git-fixes).
* drm/amd/display: Handle seamless boot stream (git-fixes).
* drm/amd/display: Handle virtual hardware detect (git-fixes).
* drm/amd/display: Include surface of unaffected streams (git-fixes).
* drm/amd/display: Include udelay when waiting for INBOX0 ACK (git-fixes).
* drm/amd/display: Increase frame warning limit with KASAN or KCSAN in dml
(git-fixes).
* drm/amd/display: Keep PHY active for dp config (git-fixes).
* drm/amd/display: Prevent vtotal from being set to 0 (git-fixes).
* drm/amd/display: Remove min_dst_y_next_start check for Z8 (git-fixes).
* drm/amd/display: Restore rptr/wptr for DMCUB as workaround (git-fixes).
* drm/amd/display: Return the correct HDCP error code (stable-fixes).
* drm/amd/display: Revert vblank change that causes null pointer crash (git-
fixes).
* drm/amd/display: Rework comments on dc file (git-fixes).
* drm/amd/display: Rework context change check (git-fixes).
* drm/amd/display: Set minimum requirement for using PSR-SU on Phoenix (git-
fixes).
* drm/amd/display: Set minimum requirement for using PSR-SU on Rembrandt (git-
fixes).
* drm/amd/display: Update OTG instance in the commit stream (git-fixes).
* drm/amd/display: Update correct DCN314 register header (git-fixes).
* drm/amd/display: Update min Z8 residency time to 2100 for DCN314 (git-
fixes).
* drm/amd/display: Use DRAM speed from validation for dummy p-state (git-
fixes).
* drm/amd/display: Use DTBCLK as refclk instead of DPREFCLK (git-fixes).
* drm/amd/display: Use min transition for all SubVP plane add/remove (git-
fixes).
* drm/amd/display: Write to correct dirty_rect (git-fixes).
* drm/amd/display: Wrong colorimetry workaround (git-fixes).
* drm/amd/display: add FB_DAMAGE_CLIPS support (git-fixes).
* drm/amd/display: add ODM case when looking for first split pipe (git-fixes).
* drm/amd/display: always switch off ODM before committing more streams (git-
fixes).
* drm/amd/display: clean code-style issues in dcn30_set_mpc_shaper_3dlut (git-
fixes).
* drm/amd/display: dc.h: eliminate kernel-doc warnings (git-fixes).
* drm/amd/display: ensure async flips are only accepted for fast updates (git-
fixes).
* drm/amd/display: fix ABM disablement (git-fixes).
* drm/amd/display: fix a NULL pointer dereference in amdgpu_dm_i2c_xfer()
(git-fixes).
* drm/amd/display: fix dc/core/dc.c kernel-doc (git-fixes).
* drm/amd/display: fix hw rotated modes when PSR-SU is enabled (git-fixes).
* drm/amd/display: fix kernel-doc issues in dc.h (git-fixes).
* drm/amd/display: fix unbounded requesting for high pixel rate modes on
dcn315 (git-fixes).
* drm/amd/display: handle range offsets in VRR ranges (stable-fixes).
* drm/amd/display: perform a bounds check before filling dirty rectangles
(git-fixes).
* drm/amd/display: set per pipe dppclk to 0 when dpp is off (git-fixes).
* drm/amd/display: update extended blank for dcn314 onwards (git-fixes).
* drm/amd/display: use low clocks for no plane configs (git-fixes).
* drm/amd/pm: Fix error of MACO flag setting code (git-fixes).
* drm/amd/pm: fix a memleak in aldebaran_tables_init (git-fixes).
* drm/amd/smu: use AverageGfxclkFrequency* to replace previous GFX Curr Clock
(git-fixes).
* drm/amd: Enable PCIe PME from D3 (git-fixes).
* drm/amdgpu/pm: Fix the error of pwm1_enable setting (stable-fixes).
* drm/amdgpu/pm: make gfxclock consistent for sienna cichlid (git-fixes).
* drm/amdgpu/pm: make mclk consistent for smu 13.0.7 (git-fixes).
* drm/amdgpu/smu13: drop compute workload workaround (git-fixes).
* drm/amdgpu: Enable gpu reset for S3 abort cases on Raven series (stable-
fixes).
* drm/amdgpu: Fix missing break in ATOM_ARG_IMM Case of atom_get_src_int()
(git-fixes).
* drm/amdgpu: Force order between a read and write to the same address (git-
fixes).
* drm/amdgpu: Match against exact bootloader status (git-fixes).
* drm/amdgpu: Unset context priority is now invalid (git-fixes).
* drm/amdgpu: Update min() to min_t() in 'amdgpu_info_ioctl' (git-fixes).
* drm/amdgpu: amdgpu_ttm_gart_bind set gtt bound flag (stable-fixes).
* drm/amdgpu: lower CS errors to debug severity (git-fixes).
* drm/amdkfd: fix TLB flush after unmap for GFX9.4.2 (stable-fixes).
* drm/bridge: tc358762: Instruct DSI host to generate HSE packets (git-fixes).
* drm/display: fix typo (git-fixes).
* drm/edid: Add quirk for OSVR HDK 2.0 (git-fixes).
* drm/etnaviv: Restore some id values (git-fixes).
* drm/exynos: do not return negative values from .get_modes() (stable-fixes).
* drm/exynos: fix a possible null-pointer dereference due to data race in
exynos_drm_crtc_atomic_disable() (git-fixes).
* drm/i915/bios: Tolerate devdata==NULL in
intel_bios_encoder_supports_dp_dual_mode() (stable-fixes).
* drm/i915/gt: Do not generate the command streamer for all the CCS (git-
fixes).
* drm/i915/gt: Reset queue_priority_hint on parking (git-fixes).
* drm/i915/gt: Use i915_vm_put on ppgtt_create error paths (git-fixes).
* drm/i915/selftests: Fix dependency of some timeouts on HZ (git-fixes).
* drm/i915: Add missing CCS documentation (git-fixes).
* drm/i915: Call intel_pre_plane_updates() also for pipes getting enabled
(git-fixes).
* drm/i915: Check before removing mm notifier (git-fixes).
* drm/lima: fix a memleak in lima_heap_alloc (git-fixes).
* drm/mediatek: Fix a null pointer crash in mtk_drm_crtc_finish_page_flip
(git-fixes).
* drm/mediatek: dsi: Fix DSI RGB666 formats and definitions (git-fixes).
* drm/msm/dpu: Only enable DSC_MODE_MULTIPLEX if dsc_merge is enabled (git-
fixes).
* drm/msm/dpu: add division of drm_display_mode's hskew parameter (git-fixes).
* drm/msm/dpu: fix the programming of INTF_CFG2_DATA_HCTL_EN (git-fixes).
* drm/msm/dpu: improve DSC allocation (git-fixes).
* drm/panel-edp: use put_sync in unprepare (git-fixes).
* drm/panel: Move AUX B116XW03 out of panel-edp back to panel-simple (git-
fixes).
* drm/panel: auo,b101uan08.3: Fine tune the panel power sequence (git-fixes).
* drm/panel: boe-tv101wum-nl6: Fine tune the panel power sequence (git-fixes).
* drm/panel: do not return negative error codes from drm_panel_get_modes()
(stable-fixes).
* drm/panfrost: fix power transition timeout warnings (git-fixes).
* drm/probe-helper: warn about negative .get_modes() (stable-fixes).
* drm/qxl: remove unused `count` variable from `qxl_surface_id_alloc()` (git-
fixes).
* drm/qxl: remove unused variable from `qxl_process_single_command()` (git-
fixes).
* drm/radeon/ni: Fix wrong firmware size logging in ni_init_microcode() (git-
fixes).
* drm/radeon/ni_dpm: remove redundant NULL check (git-fixes).
* drm/radeon: remove dead code in ni_mc_load_microcode() (git-fixes).
* drm/rockchip: dsi: Clean up 'usage_mode' when failing to attach (git-fixes).
* drm/rockchip: inno_hdmi: Fix video timing (git-fixes).
* drm/rockchip: lvds: do not overwrite error code (git-fixes).
* drm/rockchip: lvds: do not print scary message when probing defer (git-
fixes).
* drm/tegra: dpaux: Fix PM disable depth imbalance in tegra_dpaux_probe (git-
fixes).
* drm/tegra: dsi: Add missing check for of_find_device_by_node (git-fixes).
* drm/tegra: dsi: Fix missing pm_runtime_disable() in the error handling path
of tegra_dsi_probe() (git-fixes).
* drm/tegra: dsi: Fix some error handling paths in tegra_dsi_probe() (git-
fixes).
* drm/tegra: dsi: Make use of the helper function dev_err_probe() (stable-
fixes).
* drm/tegra: hdmi: Convert to devm_platform_ioremap_resource() (stable-fixes).
* drm/tegra: hdmi: Fix some error handling paths in tegra_hdmi_probe() (git-
fixes).
* drm/tegra: output: Fix missing i2c_put_adapter() in the error handling paths
of tegra_output_probe() (git-fixes).
* drm/tegra: put drm_gem_object ref on error in tegra_fb_create (git-fixes).
* drm/tegra: rgb: Fix missing clk_put() in the error handling paths of
tegra_dc_rgb_probe() (git-fixes).
* drm/tegra: rgb: Fix some error handling paths in tegra_dc_rgb_probe() (git-
fixes).
* drm/tidss: Fix initial plane zpos values (git-fixes).
* drm/tidss: Fix sync-lost issue with two displays (git-fixes).
* drm/ttm: Do not leak a resource on eviction error (git-fixes).
* drm/ttm: Do not print error message if eviction was interrupted (git-fixes).
* drm/vc4: Add module dependency on hdmi-codec (git-fixes).
* drm/vmwgfx: Create debugfs ttm_resource_manager entry only if needed (git-
fixes).
* drm/vmwgfx: Fix possible null pointer derefence with invalid contexts (git-
fixes).
* drm/vmwgfx: fix a memleak in vmw_gmrid_man_get_node (git-fixes).
* drm: Do not treat 0 as -1 in drm_fixp2int_ceil (git-fixes).
* drm: Fix drm_fixp2int_round() making it add 0.5 (git-fixes).
* drm: panel-orientation-quirks: Add quirk for Acer Switch V 10 (SW5-017)
(git-fixes).
* firewire: core: use long bus reset on gap count error (stable-fixes).
* fix "coresight: etm4x: Change etm4_platform_driver driver for MMIO devices"
(bsc#1220775) Hunk with clk_put(drvdata->pclk) was incorrectly moved to
another function.
* force config_TCG_TIS_CORE=m on aarch64 for workaround kconfig issues
* group-source-files.pl: Quote filenames (boo#1221077). The kernel source now
contains a file with a space in the name. Add quotes in group-source-
files.pl to avoid splitting the filename. Also use -print0 / -0 when
updating timestamps.
* hid: amd_sfh: Update HPD sensor structure elements (git-fixes).
* hid: lenovo: Add middleclick_workaround sysfs knob for cptkbd (git-fixes).
* hid: multitouch: Add required quirk for Synaptics 0xcddc device (stable-
fixes).
* hv_netvsc: Calculate correct ring size when PAGE_SIZE is not 4 Kbytes (git-
fixes).
* hv_netvsc: Fix race condition between netvsc_probe and netvsc_remove (git-
fixes).
* hv_netvsc: Register VF in netvsc_probe if NET_DEVICE_REGISTER missed (git-
fixes).
* i2c: aspeed: Fix the dummy irq expected print (git-fixes).
* i2c: i801: Avoid potential double call to gpiod_remove_lookup_table (git-
fixes).
* i2c: wmt: Fix an error handling path in wmt_i2c_probe() (git-fixes).
* ib/ipoib: fix mcast list locking (git-fixes)
* iio: dummy_evgen: remove Excess kernel-doc comments (git-fixes).
* iio: pressure: dlhl60d: Initialize empty DLH bytes (git-fixes).
* input: gpio_keys_polled - suppress deferred probe error for gpio (stable-
fixes).
* input: synaptics-rmi4 - fix UAF of IRQ domain on driver removal (git-fixes).
* iommu/amd: Mark interrupt as managed (git-fixes).
* iommu/dma: Trace bounce buffer usage when mapping buffers (git-fixes).
* iommu/mediatek-v1: Fix an error handling path in mtk_iommu_v1_probe() (git-
fixes).
* iommu/mediatek: Fix forever loop in error handling (git-fixes).
* iommu/vt-d: Allow to use flush-queue when first level is default (git-
fixes).
* iommu/vt-d: Do not issue ATS Invalidation request when device is
disconnected (git-fixes).
* iommu/vt-d: Fix PASID directory pointer coherency (git-fixes).
* iommu/vt-d: Set No Execute Enable bit in PASID table entry (git-fixes).
* kABI: PCI: Add locking to RMW PCI Express Capability Register accessors
(kabi).
* kconfig: fix infinite loop when expanding a macro at the end of file (git-
fixes).
* kernel-binary: Fix i386 build Fixes: 89eaf4cdce05 ("rpm templates: Move
macro definitions below buildrequires")
* kernel-binary: Move build script to the end All other spec templates have
the build script at the end, only kernel-binary has it in the middle. Align
with the other templates.
* kernel-binary: certs: Avoid trailing space
* kernel-binary: vdso: fix filelist for non-usrmerged kernel Fixes:
a6ad8af207e6 ("rpm templates: Always define usrmerged")
* kvm: s390: only deliver the set service event bits (git-fixes bsc#1221631).
* leds: aw2013: Unlock mutex before destroying it (git-fixes).
* lib/cmdline: Fix an invalid format specifier in an assertion msg (git-
fixes).
* make nvidia Grace-Hopper TPM related drivers build-ins (bsc#1221156)
* md: fix data corruption for raid456 when reshape restart while grow up (git-
fixes).
* media: dvb-frontends: avoid stack overflow warnings with clang (git-fixes).
* media: edia: dvbdev: fix a use-after-free (git-fixes).
* media: em28xx: annotate unchecked call to media_device_register() (git-
fixes).
* media: go7007: add check of return value of go7007_read_addr() (git-fixes).
* media: go7007: fix a memleak in go7007_load_encoder (git-fixes).
* media: imx: csc/scaler: fix v4l2_ctrl_handler memory leak (git-fixes).
* media: pvrusb2: fix pvr2_stream_callback casts (git-fixes).
* media: pvrusb2: fix uaf in pvr2_context_set_notify (git-fixes).
* media: pvrusb2: remove redundant NULL check (git-fixes).
* media: staging: ipu3-imgu: Set fields before media_entity_pads_init() (git-
fixes).
* media: sun8i-di: Fix chroma difference threshold (git-fixes).
* media: sun8i-di: Fix coefficient writes (git-fixes).
* media: sun8i-di: Fix power on/off sequences (git-fixes).
* media: tc358743: register v4l2 async device only after successful setup
(git-fixes).
* media: ttpci: fix two memleaks in budget_av_attach (git-fixes).
* media: usbtv: Remove useless locks in usbtv_video_free() (git-fixes).
* media: v4l2-mem2mem: fix a memleak in v4l2_m2m_register_entity (git-fixes).
* media: v4l2-tpg: fix some memleaks in tpg_alloc (git-fixes).
* media: xc4000: Fix atomicity violation in xc4000_get_frequency (git-fixes).
* mfd: altera-sysmgr: Call of_node_put() only when of_parse_phandle() takes a
ref (git-fixes).
* mfd: syscon: Call of_node_put() only when of_parse_phandle() takes a ref
(git-fixes).
* mm,page_owner: Defer enablement of static branch (bsc#1222366).
* mm,page_owner: Fix accounting of pages when migrating (bsc#1222366).
* mm,page_owner: Fix printing of stack records (bsc#1222366).
* mm,page_owner: Fix refcount imbalance (bsc#1222366).
* mm,page_owner: Update metadata for tail pages (bsc#1222366).
* mm,page_owner: check for null stack_record before bumping its refcount
(bsc#1222366).
* mm,page_owner: drop unnecessary check (bsc#1222366).
* mm,page_owner: fix recursion (bsc#1222366).
* mmc: core: Avoid negative index with array access (git-fixes).
* mmc: core: Fix switch on gp3 partition (git-fixes).
* mmc: core: Initialize mmc_blk_ioc_data (git-fixes).
* mmc: mmci: stm32: fix DMA API overlapping mappings warning (git-fixes).
* mmc: mmci: stm32: use a buffer for unaligned DMA requests (git-fixes).
* mmc: tmio: avoid concurrent runs of mmc_request_done() (git-fixes).
* mmc: wmt-sdmmc: remove an incorrect release_mem_region() call in the .remove
function (git-fixes).
* mtd: maps: physmap-core: fix flash size larger than 32-bit (git-fixes).
* mtd: rawnand: lpc32xx_mlc: fix irq handler prototype (git-fixes).
* mtd: rawnand: meson: fix scrambling mode value in command macro (git-fixes).
* net/bnx2x: Prevent access to a freed page in page_pool (bsc#1215322).
* net/x25: fix incorrect parameter validation in the x25_getsockopt() function
(git-fixes).
* net: Fix features skip in for_each_netdev_feature() (git-fixes).
* net: lan78xx: fix runtime PM count underflow on link stop (git-fixes).
* net: ll_temac: platform_get_resource replaced by wrong function (git-fixes).
* net: mana: Fix Rx DMA datasize and skb_over_panic (git-fixes).
* net: phy: fix phy_get_internal_delay accessing an empty array (git-fixes).
* net: sunrpc: Fix an off by one in rpc_sockaddr2uaddr() (git-fixes).
* nfc: nci: Fix uninit-value in nci_dev_up and nci_ntf_packet (git-fixes).
* nfs: fix an off by one in root_nfs_cat() (git-fixes).
* nfs: rename nfs_client_kset to nfs_kset (git-fixes).
* nfsd: change LISTXATTRS cookie encoding to big-endian (git-fixes).
* nfsd: convert the callback workqueue to use delayed_work (git-fixes).
* nfsd: do not take fi_lock in nfsd_break_deleg_cb() (git-fixes).
* nfsd: fix file memleak on client_opens_release (git-fixes).
* nfsd: fix liSTXATTRS returning a short list with eof=TRUE (git-fixes).
* nfsd: fix liSTXATTRS returning more bytes than maxcount (git-fixes).
* nfsd: fix nfsd4_listxattr_validate_cookie (git-fixes).
* nfsd: lock_rename() needs both directories to live on the same fs (git-
fixes).
* nfsd: reschedule CB operations when backchannel rpc_clnt is shut down (git-
fixes).
* nfsd: reset cb_seq_status after NFS4ERR_DELAY (git-fixes).
* nfsd: retransmit callbacks after client reconnects (git-fixes).
* nfsd: use vfs setgid helper (git-fixes).
* nfsv4.1/pnfs: Ensure we handle the error NFS4ERR_RETURNCONFLICT (git-fixes).
* nfsv4.1: fix SP4_MACH_CRED protection for pnfs IO (git-fixes).
* nfsv4.1: fixup use EXCHGID4_FLAG_USE_PNFS_DS for DS server (git-fixes).
* nfsv4.1: use EXCHGID4_FLAG_USE_PNFS_DS for DS server (git-fixes).
* nfsv4.2: fix listxattr maximum XDR buffer size (git-fixes).
* nfsv4.2: fix nfs4_listxattr kernel BUG at mm/usercopy.c:102 (git-fixes).
* nfsv4.2: fix wrong shrinker_id (git-fixes).
* nfsv4: fix a nfs4_state_manager() race (git-fixes).
* nfsv4: fix a state manager thread deadlock regression (git-fixes).
* nilfs2: fix failure to detect DAT corruption in btree and direct mappings
(git-fixes).
* nilfs2: prevent kernel bug at submit_bh_wbc() (git-fixes).
* nouveau/dmem: handle kcalloc() allocation failure (git-fixes).
* nouveau: reset the bo resource bus info after an eviction (git-fixes).
* ntfs: fix use-after-free in ntfs_ucsncmp() (bsc#1221713).
* nvme-fc: do not wait in vain when unloading module (git-fixes).
* nvme: fix reconnection fail due to reserved tag allocation (git-fixes).
* nvmet-fc: abort command when there is no binding (git-fixes).
* nvmet-fc: avoid deadlock on delete association path (git-fixes).
* nvmet-fc: defer cleanup using RCU properly (git-fixes).
* nvmet-fc: hold reference on hostport match (git-fixes).
* nvmet-fc: release reference on target port (git-fixes).
* nvmet-fc: take ref count on tgtport before delete assoc (git-fixes).
* nvmet-fcloop: swap the list_add_tail arguments (git-fixes).
* nvmet-tcp: fix nvme tcp ida memory leak (git-fixes).
* pNFS/flexfiles: Check the layout validity in ff_layout_mirror_prepare_stats
(git-fixes).
* pNFS: Fix a hang in nfs4_evict_inode() (git-fixes).
* pNFS: Fix the pnfs block driver's calculation of layoutget size (git-fixes).
* pci/aer: fix rootport attribute paths in ABI docs (git-fixes).
* pci/aspm: use RMW accessors for changing LNKCTL (git-fixes).
* pci/dpc: print all TLP Prefixes, not just the first (git-fixes).
* pci/msi: prevent MSI hardware interrupt number truncation (bsc#1218777)
* pci/p2pdma: Fix a sleeping issue in a RCU read section (git-fixes).
* pci: add locking to RMW PCI Express Capability Register accessors (git-
fixes).
* pci: dwc: endpoint: Fix advertised resizable BAR size (git-fixes).
* pci: dwc: endpoint: Fix dw_pcie_ep_raise_msix_irq() alignment support (git-
fixes).
* pci: dwc: fix a 64bit bug in dw_pcie_ep_raise_msix_irq() (git-fixes).
* pci: fu740: Set the number of MSI vectors (git-fixes).
* pci: lengthen reset delay for VideoPropulsion Torrent QN16e card (git-
fixes).
* pci: make link retraining use RMW accessors for changing LNKCTL (git-fixes).
* pci: mark 3ware-9650SE Root Port Extended Tags as broken (git-fixes).
* pci: mediatek-gen3: Fix translation window size calculation (git-fixes).
* pci: mediatek: Clear interrupt status before dispatching handler (git-
fixes).
* pci: qcom: enable BDF to SID translation properly (git-fixes).
* pci: qcom: use DWC helpers for modifying the read-only DBI registers (git-
fixes).
* pci: rockchip: Do not advertise MSI-X in PCIe capabilities (git-fixes).
* pci: rockchip: Fix window mapping and address translation for endpoint (git-
fixes).
* pci: rockchip: Use 64-bit mask on MSI 64-bit PCI address (git-fixes).
* pci: switchtec: Fix an error handling path in switchtec_pci_probe() (git-
fixes).
* pinctrl: mediatek: Drop bogus slew rate register range for MT8192 (git-
fixes).
* platform/mellanox: mlxreg-hotplug: Remove redundant NULL-check (git-fixes).
* pm: suspend: Set mem_sleep_current during kernel command line setup (git-
fixes).
* powerpc/64s: POWER10 CPU Kconfig build option (bsc#1194869).
* powerpc/boot: Disable power10 features after BOOTAFLAGS assignment
(bsc#1194869).
* powerpc/boot: Fix boot wrapper code generation with CONFIG_POWER10_CPU
(bsc#1194869).
* powerpc/lib/sstep: Do not use __{get/put}_user() on kernel addresses
(bsc#1194869).
* powerpc/lib/sstep: Remove unneeded #ifdef **powerpc64** (bsc#1194869).
* powerpc/lib/sstep: Use l1_dcache_bytes() instead of opencoding
(bsc#1194869).
* powerpc/lib/sstep: use truncate_if_32bit() (bsc#1194869).
* powerpc/pseries/iommu: IOMMU table is not initialized for kdump over SR-IOV
(bsc#1220492 ltc#205270).
* powerpc/pseries: Fix potential memleak in papr_get_attr() (bsc#1200465
ltc#197256 jsc#SLE-18130 git-fixes).
* powerpc/sstep: Use bitwise instead of arithmetic operator for flags
(bsc#1194869).
* powerpc: add compile-time support for lbarx, lharx (bsc#1194869).
* pwm: mediatek: Update kernel doc for struct pwm_mediatek_of_data (git-
fixes).
* qedf: Do not process stag work during unload (bsc#1214852).
* qedf: Wait for stag work during unload (bsc#1214852).
* raid1: fix use-after-free for original bio in raid1_write_request()
(bsc#1221097).
* ras/amd/fmpm: Add debugfs interface to print record entries (jsc#PED-7619).
* ras/amd/fmpm: Avoid NULL ptr deref in get_saved_records() (jsc#PED-7619).
* ras/amd/fmpm: Fix build when debugfs is not enabled (jsc#PED-7619).
* ras/amd/fmpm: Fix off by one when unwinding on error (jsc#PED-7619).
* ras/amd/fmpm: Safely handle saved records of various sizes (jsc#PED-7619).
* ras/amd/fmpm: Save SPA values (jsc#PED-7619).
* ras: Avoid build errors when CONFIG_DEBUG_FS=n (git-fixes).
* ras: export helper to get ras_debugfs_dir (jsc#PED-7619).
* rdma/device: Fix a race between mad_client and cm_client init (git-fixes)
* rdma/hns: fix mis-modifying default congestion control algorithm (git-fixes)
* rdma/ipoib: Fix error code return in ipoib_mcast_join (git-fixes)
* rdma/irdma: Remove duplicate assignment (git-fixes)
* rdma/mana_ib: Fix bug in creation of dma regions (git-fixes).
* rdma/mlx5: fix fortify source warning while accessing Eth segment (git-
fixes)
* rdma/mlx5: relax DEVX access upon modify commands (git-fixes)
* rdma/rtrs-clt: Check strnlen return len in sysfs mpath_policy_store() (git-
fixes)
* rdma/srpt: do not register event handler until srpt device is fully setup
(git-fixes)
* rtc: mt6397: select IRQ_DOMAIN instead of depending on it (git-fixes).
* s390/pai: fix attr_event_free upper limit for pai device drivers (git-fixes
bsc#1221633).
* s390/vfio-ap: realize the VFIO_DEVICE_GET_IRQ_INFO ioctl (bsc#1205316).
* s390/vfio-ap: realize the VFIO_DEVICE_SET_IRQS ioctl (bsc#1205316).
* s390/vfio-ap: wire in the vfio_device_ops request callback (bsc#1205316).
* s390/vtime: fix average steal time calculation (git-fixes bsc#1221951).
* sched/rt: Disallow writing invalid values to sched_rt_period_us
(bsc#1220176).
* sched/rt: sysctl_sched_rr_timeslice show default timeslice after reset
(bsc#1220176).
* scsi: lpfc: Copyright updates for 14.4.0.1 patches (bsc#1221777).
* scsi: lpfc: Correct size for cmdwqe/rspwqe for memset() (bsc#1221777).
* scsi: lpfc: Correct size for wqe for memset() (bsc#1221777).
* scsi: lpfc: Define lpfc_dmabuf type for ctx_buf ptr (bsc#1221777).
* scsi: lpfc: Define lpfc_nodelist type for ctx_ndlp ptr (bsc#1221777).
* scsi: lpfc: Define types in a union for generic void *context3 ptr
(bsc#1221777).
* scsi: lpfc: Move NPIV's transport unregistration to after resource clean up
(bsc#1221777).
* scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up()
(bsc#1221777).
* scsi: lpfc: Remove IRQF_ONESHOT flag from threaded IRQ handling (bsc#1221777
bsc#1217959).
* scsi: lpfc: Remove unnecessary log message in queuecommand path
(bsc#1221777).
* scsi: lpfc: Replace hbalock with ndlp lock in lpfc_nvme_unregister_port()
(bsc#1221777).
* scsi: lpfc: Update lpfc version to 14.4.0.1 (bsc#1221777).
* scsi: lpfc: Update lpfc_ramp_down_queue_handler() logic (bsc#1221777).
* scsi: lpfc: Use a dedicated lock for ras_fwlog state (bsc#1221777).
* scsi: qedf: Remove set but unused variable 'page' (bsc#1214852).
* scsi: qedf: Remove unused 'num_handled' variable (bsc#1214852).
* scsi: qedf: Remove unused declaration (bsc#1214852).
* scsi: qla2xxx: Change debug message during driver unload (bsc1221816).
* scsi: qla2xxx: Delay I/O Abort on PCI error (bsc1221816).
* scsi: qla2xxx: Fix N2N stuck connection (bsc1221816).
* scsi: qla2xxx: Fix command flush on cable pull (bsc1221816).
* scsi: qla2xxx: Fix double free of fcport (bsc1221816).
* scsi: qla2xxx: Fix double free of the ha->vp_map pointer (bsc1221816).
* scsi: qla2xxx: NVME|FCP prefer flag not being honored (bsc1221816).
* scsi: qla2xxx: Prevent command send on chip reset (bsc1221816).
* scsi: qla2xxx: Split FCE|EFT trace control (bsc1221816).
* scsi: qla2xxx: Update manufacturer detail (bsc1221816).
* scsi: qla2xxx: Update version to 10.02.09.200-k (bsc1221816).
* scsi: storvsc: Fix ring buffer size calculation (git-fixes).
* scsi: target: core: Silence the message about unknown VPD pages
(bsc#1221252).
* selftests/bpf: add generic BPF program tester-loader (bsc#1222033).
* serial: 8250_exar: Do not remove GPIO device on suspend (git-fixes).
* serial: max310x: fix syntax error in IRQ error message (git-fixes).
* slimbus: core: Remove usage of the deprecated ida_simple_xx() API (git-
fixes).
* soc: fsl: qbman: Always disable interrupts when taking cgr_lock (git-fixes).
* spi: lm70llp: fix links in doc and comments (git-fixes).
* spi: spi-mt65xx: Fix NULL pointer access in interrupt handler (git-fixes).
* sr9800: Add check for usbnet_get_endpoints (git-fixes).
* stackdepot: rename pool_index to pool_index_plus_1 (git-fixes).
* staging: vc04_services: fix information leak in create_component() (git-
fixes).
* sunrpc: Add an IS_ERR() check back to where it was (git-fixes).
* sunrpc: ECONNRESET might require a rebind (git-fixes).
* sunrpc: Fix RPC client cleaned up the freed pipefs dentries (git-fixes).
* sunrpc: Fix a suspicious RCU usage warning (git-fixes).
* sunrpc: fix a memleak in gss_import_v2_context (git-fixes).
* sunrpc: fix some memleaks in gssx_dec_option_array (git-fixes).
* svcrdma: Drop connection after an RDMA Read error (git-fixes).
* tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc (bsc#1222619).
* tty: serial: fsl_lpuart: avoid idle preamble pending if CTS is enabled (git-
fixes).
* tty: serial: samsung: fix tx_empty() to return TIOCSER_TEMT (git-fixes).
* tty: vt: fix 20 vs 0x20 typo in EScsiignore (git-fixes).
* ubifs: Queue up space reservation tasks if retrying many times (git-fixes).
* ubifs: Remove unreachable code in dbg_check_ltab_lnum (git-fixes).
* ubifs: Set page uptodate in the correct place (git-fixes).
* ubifs: dbg_check_idx_size: Fix kmemleak if loading znode failed (git-fixes).
* ubifs: fix sort function prototype (git-fixes).
* usb: audio-v2: Correct comments for struct uac_clock_selector_descriptor
(git-fixes).
* usb: cdc-wdm: close race between read and workqueue (git-fixes).
* usb: core: Fix deadlock in usb_deauthorize_interface() (git-fixes).
* usb: dwc2: gadget: Fix exiting from clock gating (git-fixes).
* usb: dwc2: gadget: LPM flow fix (git-fixes).
* usb: dwc2: host: Fix ISOC flow in DDMA mode (git-fixes).
* usb: dwc2: host: Fix hibernation flow (git-fixes).
* usb: dwc2: host: Fix remote wakeup from hibernation (git-fixes).
* usb: dwc3: Properly set system wakeup (git-fixes).
* usb: gadget: ncm: Fix handling of zero block length packets (git-fixes).
* usb: gadget: net2272: Use irqflags in the call to net2272_probe_fin (git-
fixes).
* usb: port: Do not try to peer unused USB ports based on location (git-
fixes).
* usb: typec: Return size of buffer if pd_set operation succeeds (git-fixes).
* usb: typec: ucsi: Check for notifications after init (git-fixes).
* usb: typec: ucsi: Clean up UCSI_CABLE_PROP macros (git-fixes).
* usb: typec: ucsi: Clear EVENT_PENDING under PPM lock (git-fixes).
* usb: usb-storage: Prevent divide-by-0 error in isd200_ata_command (git-
fixes).
* usb: xhci: Add error handling in xhci_map_urb_for_dma (git-fixes).
* vboxsf: Avoid an spurious warning if load_nls_xxx() fails (git-fixes).
* vt: fix unicode buffer corruption when deleting characters (git-fixes).
* watchdog: stm32_iwdg: initialize default timeout (git-fixes).
* wifi: ath10k: fix NULL pointer dereference in
ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() (git-fixes).
* wifi: ath11k: decrease MHI channel buffer length to 8KB (bsc#1207948).
* wifi: ath11k: initialize rx_mcs_80 and rx_mcs_160 before use (git-fixes).
* wifi: ath9k: delay all of ath9k_wmi_event_tasklet() until init is complete
(git-fixes).
* wifi: b43: Disable QoS for bcm4331 (git-fixes).
* wifi: b43: Stop correct queue in DMA worker when QoS is disabled (git-
fixes).
* wifi: b43: Stop/wake correct queue in DMA Tx path when QoS is disabled (git-
fixes).
* wifi: b43: Stop/wake correct queue in PIO Tx path when QoS is disabled (git-
fixes).
* wifi: brcmfmac: fix copyright year mentioned in platform_data header (git-
fixes).
* wifi: brcmsmac: avoid function pointer casts (git-fixes).
* wifi: iwlwifi: dbg-tlv: ensure NUL termination (git-fixes).
* wifi: iwlwifi: fix EWRD table validity check (git-fixes).
* wifi: iwlwifi: fw: do not always use FW dump trig (git-fixes).
* wifi: iwlwifi: mvm: do not set replay counters to 0xff (git-fixes).
* wifi: iwlwifi: mvm: report beacon protection failures (git-fixes).
* wifi: iwlwifi: mvm: rfi: fix potential response leaks (git-fixes).
* wifi: iwlwifi: mvm: use FW rate for non-data only on new devices (git-
fixes).
* wifi: libertas: fix some memleaks in lbs_allocate_cmd_buffer() (git-fixes).
* wifi: mwifiex: debugfs: Drop unnecessary error check for
debugfs_create_dir() (git-fixes).
* wifi: rtl8xxxu: add cancel_work_sync() for c2hcmd_work (git-fixes).
* wifi: rtw88: 8821c: Fix false alarm count (git-fixes).
* wifi: wilc1000: fix RCU usage in connect path (git-fixes).
* wifi: wilc1000: fix declarations ordering (stable-fixes).
* wifi: wilc1000: fix multi-vif management when deleting a vif (git-fixes).
* wifi: wilc1000: prevent use-after-free on vif when cleaning up all
interfaces (git-fixes).
* x86/CPU/AMD: Update the Zenbleed microcode revisions (git-fixes).
* x86/bugs: Fix the SRSO mitigation on Zen3/4 (git-fixes).
* x86/fpu: Keep xfd_state in sync with MSR_IA32_XFD (git-fixes).
* xhci: handle isoc Babble and Buffer Overrun events properly (git-fixes).
* xhci: process isoc TD properly when there was a transaction error mid TD
(git-fixes).

## Special Instructions and Notes:

* Please reboot the system after installing this update.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
zypper in -t patch SUSE-2024-1332=1 openSUSE-SLE-15.5-2024-1332=1

* Public Cloud Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP5-2024-1332=1

## Package List:

* openSUSE Leap 15.5 (aarch64 x86_64)
* kernel-azure-extra-5.14.21-150500.33.42.1
* cluster-md-kmp-azure-debuginfo-5.14.21-150500.33.42.1
* kernel-azure-optional-5.14.21-150500.33.42.1
* reiserfs-kmp-azure-5.14.21-150500.33.42.1
* gfs2-kmp-azure-5.14.21-150500.33.42.1
* kernel-syms-azure-5.14.21-150500.33.42.1
* kernel-azure-devel-5.14.21-150500.33.42.1
* kselftests-kmp-azure-5.14.21-150500.33.42.1
* kselftests-kmp-azure-debuginfo-5.14.21-150500.33.42.1
* kernel-azure-extra-debuginfo-5.14.21-150500.33.42.1
* reiserfs-kmp-azure-debuginfo-5.14.21-150500.33.42.1
* gfs2-kmp-azure-debuginfo-5.14.21-150500.33.42.1
* cluster-md-kmp-azure-5.14.21-150500.33.42.1
* kernel-azure-devel-debuginfo-5.14.21-150500.33.42.1
* kernel-azure-debuginfo-5.14.21-150500.33.42.1
* ocfs2-kmp-azure-debuginfo-5.14.21-150500.33.42.1
* kernel-azure-livepatch-devel-5.14.21-150500.33.42.1
* kernel-azure-debugsource-5.14.21-150500.33.42.1
* dlm-kmp-azure-5.14.21-150500.33.42.1
* kernel-azure-optional-debuginfo-5.14.21-150500.33.42.1
* dlm-kmp-azure-debuginfo-5.14.21-150500.33.42.1
* ocfs2-kmp-azure-5.14.21-150500.33.42.1
* openSUSE Leap 15.5 (aarch64 nosrc x86_64)
* kernel-azure-5.14.21-150500.33.42.1
* openSUSE Leap 15.5 (x86_64)
* kernel-azure-vdso-debuginfo-5.14.21-150500.33.42.1
* kernel-azure-vdso-5.14.21-150500.33.42.1
* openSUSE Leap 15.5 (noarch)
* kernel-devel-azure-5.14.21-150500.33.42.1
* kernel-source-azure-5.14.21-150500.33.42.1
* Public Cloud Module 15-SP5 (aarch64 nosrc x86_64)
* kernel-azure-5.14.21-150500.33.42.1
* Public Cloud Module 15-SP5 (aarch64 x86_64)
* kernel-syms-azure-5.14.21-150500.33.42.1
* kernel-azure-devel-5.14.21-150500.33.42.1
* kernel-azure-debugsource-5.14.21-150500.33.42.1
* kernel-azure-devel-debuginfo-5.14.21-150500.33.42.1
* kernel-azure-debuginfo-5.14.21-150500.33.42.1
* Public Cloud Module 15-SP5 (noarch)
* kernel-devel-azure-5.14.21-150500.33.42.1
* kernel-source-azure-5.14.21-150500.33.42.1

## References:

* https://www.suse.com/security/cve/CVE-2021-46925.html
* https://www.suse.com/security/cve/CVE-2021-46926.html
* https://www.suse.com/security/cve/CVE-2021-46927.html
* https://www.suse.com/security/cve/CVE-2021-46929.html
* https://www.suse.com/security/cve/CVE-2021-46930.html
* https://www.suse.com/security/cve/CVE-2021-46931.html
* https://www.suse.com/security/cve/CVE-2021-46933.html
* https://www.suse.com/security/cve/CVE-2021-46936.html
* https://www.suse.com/security/cve/CVE-2021-47082.html
* https://www.suse.com/security/cve/CVE-2021-47087.html
* https://www.suse.com/security/cve/CVE-2021-47091.html
* https://www.suse.com/security/cve/CVE-2021-47093.html
* https://www.suse.com/security/cve/CVE-2021-47094.html
* https://www.suse.com/security/cve/CVE-2021-47095.html
* https://www.suse.com/security/cve/CVE-2021-47096.html
* https://www.suse.com/security/cve/CVE-2021-47097.html
* https://www.suse.com/security/cve/CVE-2021-47098.html
* https://www.suse.com/security/cve/CVE-2021-47099.html
* https://www.suse.com/security/cve/CVE-2021-47100.html
* https://www.suse.com/security/cve/CVE-2021-47101.html
* https://www.suse.com/security/cve/CVE-2021-47102.html
* https://www.suse.com/security/cve/CVE-2021-47104.html
* https://www.suse.com/security/cve/CVE-2021-47105.html
* https://www.suse.com/security/cve/CVE-2021-47107.html
* https://www.suse.com/security/cve/CVE-2021-47108.html
* https://www.suse.com/security/cve/CVE-2022-4744.html
* https://www.suse.com/security/cve/CVE-2022-48626.html
* https://www.suse.com/security/cve/CVE-2022-48629.html
* https://www.suse.com/security/cve/CVE-2022-48630.html
* https://www.suse.com/security/cve/CVE-2023-0160.html
* https://www.suse.com/security/cve/CVE-2023-28746.html
* https://www.suse.com/security/cve/CVE-2023-35827.html
* https://www.suse.com/security/cve/CVE-2023-4881.html
* https://www.suse.com/security/cve/CVE-2023-52447.html
* https://www.suse.com/security/cve/CVE-2023-52450.html
* https://www.suse.com/security/cve/CVE-2023-52453.html
* https://www.suse.com/security/cve/CVE-2023-52454.html
* https://www.suse.com/security/cve/CVE-2023-52469.html
* https://www.suse.com/security/cve/CVE-2023-52470.html
* https://www.suse.com/security/cve/CVE-2023-52474.html
* https://www.suse.com/security/cve/CVE-2023-52476.html
* https://www.suse.com/security/cve/CVE-2023-52477.html
* https://www.suse.com/security/cve/CVE-2023-52481.html
* https://www.suse.com/security/cve/CVE-2023-52484.html
* https://www.suse.com/security/cve/CVE-2023-52486.html
* https://www.suse.com/security/cve/CVE-2023-52492.html
* https://www.suse.com/security/cve/CVE-2023-52493.html
* https://www.suse.com/security/cve/CVE-2023-52494.html
* https://www.suse.com/security/cve/CVE-2023-52497.html
* https://www.suse.com/security/cve/CVE-2023-52500.html
* https://www.suse.com/security/cve/CVE-2023-52501.html
* https://www.suse.com/security/cve/CVE-2023-52502.html
* https://www.suse.com/security/cve/CVE-2023-52504.html
* https://www.suse.com/security/cve/CVE-2023-52507.html
* https://www.suse.com/security/cve/CVE-2023-52508.html
* https://www.suse.com/security/cve/CVE-2023-52509.html
* https://www.suse.com/security/cve/CVE-2023-52510.html
* https://www.suse.com/security/cve/CVE-2023-52511.html
* https://www.suse.com/security/cve/CVE-2023-52513.html
* https://www.suse.com/security/cve/CVE-2023-52515.html
* https://www.suse.com/security/cve/CVE-2023-52517.html
* https://www.suse.com/security/cve/CVE-2023-52518.html
* https://www.suse.com/security/cve/CVE-2023-52519.html
* https://www.suse.com/security/cve/CVE-2023-52520.html
* https://www.suse.com/security/cve/CVE-2023-52523.html
* https://www.suse.com/security/cve/CVE-2023-52524.html
* https://www.suse.com/security/cve/CVE-2023-52525.html
* https://www.suse.com/security/cve/CVE-2023-52528.html
* https://www.suse.com/security/cve/CVE-2023-52529.html
* https://www.suse.com/security/cve/CVE-2023-52532.html
* https://www.suse.com/security/cve/CVE-2023-52563.html
* https://www.suse.com/security/cve/CVE-2023-52564.html
* https://www.suse.com/security/cve/CVE-2023-52566.html
* https://www.suse.com/security/cve/CVE-2023-52567.html
* https://www.suse.com/security/cve/CVE-2023-52569.html
* https://www.suse.com/security/cve/CVE-2023-52574.html
* https://www.suse.com/security/cve/CVE-2023-52575.html
* https://www.suse.com/security/cve/CVE-2023-52576.html
* https://www.suse.com/security/cve/CVE-2023-52582.html
* https://www.suse.com/security/cve/CVE-2023-52583.html
* https://www.suse.com/security/cve/CVE-2023-52587.html
* https://www.suse.com/security/cve/CVE-2023-52591.html
* https://www.suse.com/security/cve/CVE-2023-52594.html
* https://www.suse.com/security/cve/CVE-2023-52595.html
* https://www.suse.com/security/cve/CVE-2023-52597.html
* https://www.suse.com/security/cve/CVE-2023-52598.html
* https://www.suse.com/security/cve/CVE-2023-52599.html
* https://www.suse.com/security/cve/CVE-2023-52600.html
* https://www.suse.com/security/cve/CVE-2023-52601.html
* https://www.suse.com/security/cve/CVE-2023-52602.html
* https://www.suse.com/security/cve/CVE-2023-52603.html
* https://www.suse.com/security/cve/CVE-2023-52604.html
* https://www.suse.com/security/cve/CVE-2023-52605.html
* https://www.suse.com/security/cve/CVE-2023-52606.html
* https://www.suse.com/security/cve/CVE-2023-52607.html
* https://www.suse.com/security/cve/CVE-2023-52608.html
* https://www.suse.com/security/cve/CVE-2023-52612.html
* https://www.suse.com/security/cve/CVE-2023-52615.html
* https://www.suse.com/security/cve/CVE-2023-52617.html
* https://www.suse.com/security/cve/CVE-2023-52619.html
* https://www.suse.com/security/cve/CVE-2023-52621.html
* https://www.suse.com/security/cve/CVE-2023-52623.html
* https://www.suse.com/security/cve/CVE-2023-52628.html
* https://www.suse.com/security/cve/CVE-2023-52632.html
* https://www.suse.com/security/cve/CVE-2023-52637.html
* https://www.suse.com/security/cve/CVE-2023-52639.html
* https://www.suse.com/security/cve/CVE-2023-6356.html
* https://www.suse.com/security/cve/CVE-2023-6535.html
* https://www.suse.com/security/cve/CVE-2023-6536.html
* https://www.suse.com/security/cve/CVE-2023-7042.html
* https://www.suse.com/security/cve/CVE-2023-7192.html
* https://www.suse.com/security/cve/CVE-2024-0841.html
* https://www.suse.com/security/cve/CVE-2024-2201.html
* https://www.suse.com/security/cve/CVE-2024-22099.html
* https://www.suse.com/security/cve/CVE-2024-23307.html
* https://www.suse.com/security/cve/CVE-2024-25739.html
* https://www.suse.com/security/cve/CVE-2024-26599.html
* https://www.suse.com/security/cve/CVE-2024-26600.html
* https://www.suse.com/security/cve/CVE-2024-26602.html
* https://www.suse.com/security/cve/CVE-2024-26612.html
* https://www.suse.com/security/cve/CVE-2024-26614.html
* https://www.suse.com/security/cve/CVE-2024-26620.html
* https://www.suse.com/security/cve/CVE-2024-26627.html
* https://www.suse.com/security/cve/CVE-2024-26629.html
* https://www.suse.com/security/cve/CVE-2024-26642.html
* https://www.suse.com/security/cve/CVE-2024-26645.html
* https://www.suse.com/security/cve/CVE-2024-26646.html
* https://www.suse.com/security/cve/CVE-2024-26651.html
* https://www.suse.com/security/cve/CVE-2024-26654.html
* https://www.suse.com/security/cve/CVE-2024-26659.html
* https://www.suse.com/security/cve/CVE-2024-26664.html
* https://www.suse.com/security/cve/CVE-2024-26667.html
* https://www.suse.com/security/cve/CVE-2024-26670.html
* https://www.suse.com/security/cve/CVE-2024-26695.html
* https://www.suse.com/security/cve/CVE-2024-26717.html
* https://bugzilla.suse.com/show_bug.cgi?id=1194869
* https://bugzilla.suse.com/show_bug.cgi?id=1200465
* https://bugzilla.suse.com/show_bug.cgi?id=1205316
* https://bugzilla.suse.com/show_bug.cgi?id=1207948
* https://bugzilla.suse.com/show_bug.cgi?id=1209635
* https://bugzilla.suse.com/show_bug.cgi?id=1209657
* https://bugzilla.suse.com/show_bug.cgi?id=1212514
* https://bugzilla.suse.com/show_bug.cgi?id=1213456
* https://bugzilla.suse.com/show_bug.cgi?id=1214852
* https://bugzilla.suse.com/show_bug.cgi?id=1215221
* https://bugzilla.suse.com/show_bug.cgi?id=1215322
* https://bugzilla.suse.com/show_bug.cgi?id=1217339
* https://bugzilla.suse.com/show_bug.cgi?id=1217959
* https://bugzilla.suse.com/show_bug.cgi?id=1217987
* https://bugzilla.suse.com/show_bug.cgi?id=1217988
* https://bugzilla.suse.com/show_bug.cgi?id=1217989
* https://bugzilla.suse.com/show_bug.cgi?id=1218321
* https://bugzilla.suse.com/show_bug.cgi?id=1218336
* https://bugzilla.suse.com/show_bug.cgi?id=1218479
* https://bugzilla.suse.com/show_bug.cgi?id=1218643
* https://bugzilla.suse.com/show_bug.cgi?id=1218777
* https://bugzilla.suse.com/show_bug.cgi?id=1219169
* https://bugzilla.suse.com/show_bug.cgi?id=1219170
* https://bugzilla.suse.com/show_bug.cgi?id=1219264
* https://bugzilla.suse.com/show_bug.cgi?id=1219834
* https://bugzilla.suse.com/show_bug.cgi?id=1220114
* https://bugzilla.suse.com/show_bug.cgi?id=1220176
* https://bugzilla.suse.com/show_bug.cgi?id=1220237
* https://bugzilla.suse.com/show_bug.cgi?id=1220251
* https://bugzilla.suse.com/show_bug.cgi?id=1220320
* https://bugzilla.suse.com/show_bug.cgi?id=1220337
* https://bugzilla.suse.com/show_bug.cgi?id=1220340
* https://bugzilla.suse.com/show_bug.cgi?id=1220365
* https://bugzilla.suse.com/show_bug.cgi?id=1220366
* https://bugzilla.suse.com/show_bug.cgi?id=1220398
* https://bugzilla.suse.com/show_bug.cgi?id=1220411
* https://bugzilla.suse.com/show_bug.cgi?id=1220413
* https://bugzilla.suse.com/show_bug.cgi?id=1220439
* https://bugzilla.suse.com/show_bug.cgi?id=1220443
* https://bugzilla.suse.com/show_bug.cgi?id=1220445
* https://bugzilla.suse.com/show_bug.cgi?id=1220466
* https://bugzilla.suse.com/show_bug.cgi?id=1220478
* https://bugzilla.suse.com/show_bug.cgi?id=1220482
* https://bugzilla.suse.com/show_bug.cgi?id=1220484
* https://bugzilla.suse.com/show_bug.cgi?id=1220486
* https://bugzilla.suse.com/show_bug.cgi?id=1220487
* https://bugzilla.suse.com/show_bug.cgi?id=1220492
* https://bugzilla.suse.com/show_bug.cgi?id=1220703
* https://bugzilla.suse.com/show_bug.cgi?id=1220775
* https://bugzilla.suse.com/show_bug.cgi?id=1220790
* https://bugzilla.suse.com/show_bug.cgi?id=1220797
* https://bugzilla.suse.com/show_bug.cgi?id=1220831
* https://bugzilla.suse.com/show_bug.cgi?id=1220833
* https://bugzilla.suse.com/show_bug.cgi?id=1220836
* https://bugzilla.suse.com/show_bug.cgi?id=1220839
* https://bugzilla.suse.com/show_bug.cgi?id=1220840
* https://bugzilla.suse.com/show_bug.cgi?id=1220843
* https://bugzilla.suse.com/show_bug.cgi?id=1220870
* https://bugzilla.suse.com/show_bug.cgi?id=1220871
* https://bugzilla.suse.com/show_bug.cgi?id=1220872
* https://bugzilla.suse.com/show_bug.cgi?id=1220878
* https://bugzilla.suse.com/show_bug.cgi?id=1220879
* https://bugzilla.suse.com/show_bug.cgi?id=1220883
* https://bugzilla.suse.com/show_bug.cgi?id=1220885
* https://bugzilla.suse.com/show_bug.cgi?id=1220887
* https://bugzilla.suse.com/show_bug.cgi?id=1220898
* https://bugzilla.suse.com/show_bug.cgi?id=1220918
* https://bugzilla.suse.com/show_bug.cgi?id=1220920
* https://bugzilla.suse.com/show_bug.cgi?id=1220921
* https://bugzilla.suse.com/show_bug.cgi?id=1220926
* https://bugzilla.suse.com/show_bug.cgi?id=1220927
* https://bugzilla.suse.com/show_bug.cgi?id=1220929
* https://bugzilla.suse.com/show_bug.cgi?id=1220932
* https://bugzilla.suse.com/show_bug.cgi?id=1220937
* https://bugzilla.suse.com/show_bug.cgi?id=1220938
* https://bugzilla.suse.com/show_bug.cgi?id=1220940
* https://bugzilla.suse.com/show_bug.cgi?id=1220954
* https://bugzilla.suse.com/show_bug.cgi?id=1220955
* https://bugzilla.suse.com/show_bug.cgi?id=1220959
* https://bugzilla.suse.com/show_bug.cgi?id=1220960
* https://bugzilla.suse.com/show_bug.cgi?id=1220961
* https://bugzilla.suse.com/show_bug.cgi?id=1220965
* https://bugzilla.suse.com/show_bug.cgi?id=1220969
* https://bugzilla.suse.com/show_bug.cgi?id=1220978
* https://bugzilla.suse.com/show_bug.cgi?id=1220979
* https://bugzilla.suse.com/show_bug.cgi?id=1220981
* https://bugzilla.suse.com/show_bug.cgi?id=1220982
* https://bugzilla.suse.com/show_bug.cgi?id=1220983
* https://bugzilla.suse.com/show_bug.cgi?id=1220985
* https://bugzilla.suse.com/show_bug.cgi?id=1220986
* https://bugzilla.suse.com/show_bug.cgi?id=1220987
* https://bugzilla.suse.com/show_bug.cgi?id=1220989
* https://bugzilla.suse.com/show_bug.cgi?id=1220990
* https://bugzilla.suse.com/show_bug.cgi?id=1221009
* https://bugzilla.suse.com/show_bug.cgi?id=1221012
* https://bugzilla.suse.com/show_bug.cgi?id=1221015
* https://bugzilla.suse.com/show_bug.cgi?id=1221022
* https://bugzilla.suse.com/show_bug.cgi?id=1221039
* https://bugzilla.suse.com/show_bug.cgi?id=1221040
* https://bugzilla.suse.com/show_bug.cgi?id=1221044
* https://bugzilla.suse.com/show_bug.cgi?id=1221045
* https://bugzilla.suse.com/show_bug.cgi?id=1221046
* https://bugzilla.suse.com/show_bug.cgi?id=1221048
* https://bugzilla.suse.com/show_bug.cgi?id=1221055
* https://bugzilla.suse.com/show_bug.cgi?id=1221056
* https://bugzilla.suse.com/show_bug.cgi?id=1221058
* https://bugzilla.suse.com/show_bug.cgi?id=1221060
* https://bugzilla.suse.com/show_bug.cgi?id=1221061
* https://bugzilla.suse.com/show_bug.cgi?id=1221062
* https://bugzilla.suse.com/show_bug.cgi?id=1221066
* https://bugzilla.suse.com/show_bug.cgi?id=1221067
* https://bugzilla.suse.com/show_bug.cgi?id=1221068
* https://bugzilla.suse.com/show_bug.cgi?id=1221069
* https://bugzilla.suse.com/show_bug.cgi?id=1221070
* https://bugzilla.suse.com/show_bug.cgi?id=1221071
* https://bugzilla.suse.com/show_bug.cgi?id=1221077
* https://bugzilla.suse.com/show_bug.cgi?id=1221082
* https://bugzilla.suse.com/show_bug.cgi?id=1221090
* https://bugzilla.suse.com/show_bug.cgi?id=1221097
* https://bugzilla.suse.com/show_bug.cgi?id=1221156
* https://bugzilla.suse.com/show_bug.cgi?id=1221252
* https://bugzilla.suse.com/show_bug.cgi?id=1221273
* https://bugzilla.suse.com/show_bug.cgi?id=1221274
* https://bugzilla.suse.com/show_bug.cgi?id=1221276
* https://bugzilla.suse.com/show_bug.cgi?id=1221277
* https://bugzilla.suse.com/show_bug.cgi?id=1221291
* https://bugzilla.suse.com/show_bug.cgi?id=1221293
* https://bugzilla.suse.com/show_bug.cgi?id=1221298
* https://bugzilla.suse.com/show_bug.cgi?id=1221337
* https://bugzilla.suse.com/show_bug.cgi?id=1221338
* https://bugzilla.suse.com/show_bug.cgi?id=1221375
* https://bugzilla.suse.com/show_bug.cgi?id=1221379
* https://bugzilla.suse.com/show_bug.cgi?id=1221551
* https://bugzilla.suse.com/show_bug.cgi?id=1221553
* https://bugzilla.suse.com/show_bug.cgi?id=1221613
* https://bugzilla.suse.com/show_bug.cgi?id=1221614
* https://bugzilla.suse.com/show_bug.cgi?id=1221616
* https://bugzilla.suse.com/show_bug.cgi?id=1221618
* https://bugzilla.suse.com/show_bug.cgi?id=1221631
* https://bugzilla.suse.com/show_bug.cgi?id=1221633
* https://bugzilla.suse.com/show_bug.cgi?id=1221713
* https://bugzilla.suse.com/show_bug.cgi?id=1221777
* https://bugzilla.suse.com/show_bug.cgi?id=1221814
* https://bugzilla.suse.com/show_bug.cgi?id=1221816
* https://bugzilla.suse.com/show_bug.cgi?id=1221830
* https://bugzilla.suse.com/show_bug.cgi?id=1221951
* https://bugzilla.suse.com/show_bug.cgi?id=1222033
* https://bugzilla.suse.com/show_bug.cgi?id=1222056
* https://bugzilla.suse.com/show_bug.cgi?id=1222060
* https://bugzilla.suse.com/show_bug.cgi?id=1222070
* https://bugzilla.suse.com/show_bug.cgi?id=1222073
* https://bugzilla.suse.com/show_bug.cgi?id=1222117
* https://bugzilla.suse.com/show_bug.cgi?id=1222274
* https://bugzilla.suse.com/show_bug.cgi?id=1222291
* https://bugzilla.suse.com/show_bug.cgi?id=1222300
* https://bugzilla.suse.com/show_bug.cgi?id=1222304
* https://bugzilla.suse.com/show_bug.cgi?id=1222317
* https://bugzilla.suse.com/show_bug.cgi?id=1222331
* https://bugzilla.suse.com/show_bug.cgi?id=1222355
* https://bugzilla.suse.com/show_bug.cgi?id=1222356
* https://bugzilla.suse.com/show_bug.cgi?id=1222360
* https://bugzilla.suse.com/show_bug.cgi?id=1222366
* https://bugzilla.suse.com/show_bug.cgi?id=1222373
* https://bugzilla.suse.com/show_bug.cgi?id=1222619
* https://jira.suse.com/browse/PED-5759
* https://jira.suse.com/browse/PED-7167
* https://jira.suse.com/browse/PED-7619



SUSE-SU-2024:1322-2: important: Security update for the Linux Kernel


# Security update for the Linux Kernel

Announcement ID: SUSE-SU-2024:1322-2
Rating: important
References:

* bsc#1194869
* bsc#1200465
* bsc#1205316
* bsc#1207948
* bsc#1209635
* bsc#1209657
* bsc#1212514
* bsc#1213456
* bsc#1214852
* bsc#1215221
* bsc#1215322
* bsc#1217339
* bsc#1217959
* bsc#1217987
* bsc#1217988
* bsc#1217989
* bsc#1218321
* bsc#1218336
* bsc#1218479
* bsc#1218562
* bsc#1218643
* bsc#1218777
* bsc#1219169
* bsc#1219170
* bsc#1219264
* bsc#1219834
* bsc#1220114
* bsc#1220176
* bsc#1220237
* bsc#1220251
* bsc#1220320
* bsc#1220325
* bsc#1220328
* bsc#1220337
* bsc#1220340
* bsc#1220365
* bsc#1220366
* bsc#1220398
* bsc#1220411
* bsc#1220413
* bsc#1220433
* bsc#1220439
* bsc#1220443
* bsc#1220445
* bsc#1220466
* bsc#1220469
* bsc#1220478
* bsc#1220482
* bsc#1220484
* bsc#1220486
* bsc#1220487
* bsc#1220492
* bsc#1220703
* bsc#1220735
* bsc#1220736
* bsc#1220775
* bsc#1220790
* bsc#1220797
* bsc#1220831
* bsc#1220833
* bsc#1220836
* bsc#1220839
* bsc#1220840
* bsc#1220843
* bsc#1220845
* bsc#1220848
* bsc#1220870
* bsc#1220871
* bsc#1220872
* bsc#1220878
* bsc#1220879
* bsc#1220883
* bsc#1220885
* bsc#1220887
* bsc#1220898
* bsc#1220917
* bsc#1220918
* bsc#1220920
* bsc#1220921
* bsc#1220926
* bsc#1220927
* bsc#1220929
* bsc#1220930
* bsc#1220931
* bsc#1220932
* bsc#1220933
* bsc#1220937
* bsc#1220938
* bsc#1220940
* bsc#1220954
* bsc#1220955
* bsc#1220959
* bsc#1220960
* bsc#1220961
* bsc#1220965
* bsc#1220969
* bsc#1220978
* bsc#1220979
* bsc#1220981
* bsc#1220982
* bsc#1220983
* bsc#1220985
* bsc#1220986
* bsc#1220987
* bsc#1220989
* bsc#1220990
* bsc#1221009
* bsc#1221012
* bsc#1221015
* bsc#1221022
* bsc#1221039
* bsc#1221040
* bsc#1221044
* bsc#1221045
* bsc#1221046
* bsc#1221048
* bsc#1221055
* bsc#1221056
* bsc#1221058
* bsc#1221060
* bsc#1221061
* bsc#1221062
* bsc#1221066
* bsc#1221067
* bsc#1221068
* bsc#1221069
* bsc#1221070
* bsc#1221071
* bsc#1221077
* bsc#1221082
* bsc#1221090
* bsc#1221097
* bsc#1221156
* bsc#1221252
* bsc#1221273
* bsc#1221274
* bsc#1221276
* bsc#1221277
* bsc#1221291
* bsc#1221293
* bsc#1221298
* bsc#1221337
* bsc#1221338
* bsc#1221375
* bsc#1221379
* bsc#1221551
* bsc#1221553
* bsc#1221613
* bsc#1221614
* bsc#1221616
* bsc#1221618
* bsc#1221631
* bsc#1221633
* bsc#1221713
* bsc#1221725
* bsc#1221777
* bsc#1221814
* bsc#1221816
* bsc#1221830
* bsc#1221951
* bsc#1222033
* bsc#1222056
* bsc#1222060
* bsc#1222070
* bsc#1222073
* bsc#1222117
* bsc#1222274
* bsc#1222291
* bsc#1222300
* bsc#1222304
* bsc#1222317
* bsc#1222331
* bsc#1222355
* bsc#1222356
* bsc#1222360
* bsc#1222366
* bsc#1222373
* bsc#1222619
* jsc#PED-5759
* jsc#PED-7167
* jsc#PED-7618
* jsc#PED-7619

Cross-References:

* CVE-2021-46925
* CVE-2021-46926
* CVE-2021-46927
* CVE-2021-46929
* CVE-2021-46930
* CVE-2021-46931
* CVE-2021-46933
* CVE-2021-46934
* CVE-2021-46936
* CVE-2021-47082
* CVE-2021-47083
* CVE-2021-47087
* CVE-2021-47091
* CVE-2021-47093
* CVE-2021-47094
* CVE-2021-47095
* CVE-2021-47096
* CVE-2021-47097
* CVE-2021-47098
* CVE-2021-47099
* CVE-2021-47100
* CVE-2021-47101
* CVE-2021-47102
* CVE-2021-47104
* CVE-2021-47105
* CVE-2021-47107
* CVE-2021-47108
* CVE-2022-4744
* CVE-2022-48626
* CVE-2022-48627
* CVE-2022-48628
* CVE-2022-48629
* CVE-2022-48630
* CVE-2023-0160
* CVE-2023-28746
* CVE-2023-35827
* CVE-2023-4881
* CVE-2023-52447
* CVE-2023-52450
* CVE-2023-52453
* CVE-2023-52454
* CVE-2023-52462
* CVE-2023-52463
* CVE-2023-52467
* CVE-2023-52469
* CVE-2023-52470
* CVE-2023-52474
* CVE-2023-52476
* CVE-2023-52477
* CVE-2023-52481
* CVE-2023-52482
* CVE-2023-52484
* CVE-2023-52486
* CVE-2023-52492
* CVE-2023-52493
* CVE-2023-52494
* CVE-2023-52497
* CVE-2023-52500
* CVE-2023-52501
* CVE-2023-52502
* CVE-2023-52504
* CVE-2023-52507
* CVE-2023-52508
* CVE-2023-52509
* CVE-2023-52510
* CVE-2023-52511
* CVE-2023-52513
* CVE-2023-52515
* CVE-2023-52517
* CVE-2023-52518
* CVE-2023-52519
* CVE-2023-52520
* CVE-2023-52523
* CVE-2023-52524
* CVE-2023-52525
* CVE-2023-52528
* CVE-2023-52529
* CVE-2023-52530
* CVE-2023-52531
* CVE-2023-52532
* CVE-2023-52559
* CVE-2023-52563
* CVE-2023-52564
* CVE-2023-52566
* CVE-2023-52567
* CVE-2023-52569
* CVE-2023-52574
* CVE-2023-52575
* CVE-2023-52576
* CVE-2023-52582
* CVE-2023-52583
* CVE-2023-52587
* CVE-2023-52591
* CVE-2023-52594
* CVE-2023-52595
* CVE-2023-52597
* CVE-2023-52598
* CVE-2023-52599
* CVE-2023-52600
* CVE-2023-52601
* CVE-2023-52602
* CVE-2023-52603
* CVE-2023-52604
* CVE-2023-52605
* CVE-2023-52606
* CVE-2023-52607
* CVE-2023-52608
* CVE-2023-52612
* CVE-2023-52615
* CVE-2023-52617
* CVE-2023-52619
* CVE-2023-52621
* CVE-2023-52623
* CVE-2023-52628
* CVE-2023-52632
* CVE-2023-52637
* CVE-2023-52639
* CVE-2023-6270
* CVE-2023-6356
* CVE-2023-6535
* CVE-2023-6536
* CVE-2023-7042
* CVE-2023-7192
* CVE-2024-0841
* CVE-2024-2201
* CVE-2024-22099
* CVE-2024-23307
* CVE-2024-25739
* CVE-2024-25742
* CVE-2024-26599
* CVE-2024-26600
* CVE-2024-26602
* CVE-2024-26607
* CVE-2024-26612
* CVE-2024-26614
* CVE-2024-26620
* CVE-2024-26627
* CVE-2024-26629
* CVE-2024-26642
* CVE-2024-26645
* CVE-2024-26646
* CVE-2024-26651
* CVE-2024-26654
* CVE-2024-26659
* CVE-2024-26664
* CVE-2024-26667
* CVE-2024-26670
* CVE-2024-26695
* CVE-2024-26717

CVSS scores:

* CVE-2021-46925 ( SUSE ): 5.3 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-46925 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-46926 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-46927 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-46927 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-46929 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
* CVE-2021-46929 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-46930 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
* CVE-2021-46930 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-46931 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-46931 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-46933 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
* CVE-2021-46933 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-46934 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
* CVE-2021-46934 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
* CVE-2021-46936 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-46936 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2021-47082 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47083 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L
* CVE-2021-47087 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
* CVE-2021-47093 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H
* CVE-2021-47094 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2021-47095 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47096 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
* CVE-2021-47097 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2021-47099 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47100 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47101 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
* CVE-2021-47102 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47104 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2021-47105 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2021-47107 ( SUSE ): 6.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
* CVE-2021-47108 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-4744 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-4744 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48626 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
* CVE-2022-48626 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48627 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
* CVE-2022-48628 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L
* CVE-2022-48629 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2022-48630 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-0160 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-0160 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-28746 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
* CVE-2023-35827 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-4881 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L
* CVE-2023-4881 ( NVD ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
* CVE-2023-52447 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-52447 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-52450 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52450 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52454 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52462 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
* CVE-2023-52462 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
* CVE-2023-52463 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52463 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52467 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52467 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52469 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
* CVE-2023-52469 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-52470 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52470 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52474 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
* CVE-2023-52474 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-52476 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52477 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52482 ( SUSE ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
* CVE-2023-52484 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52486 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52492 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52493 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52494 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52497 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
* CVE-2023-52500 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
* CVE-2023-52501 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2023-52502 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-52504 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52507 ( SUSE ): 5.7 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2023-52508 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52509 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-52510 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-52511 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52513 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52515 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52517 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52518 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52519 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52520 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52523 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52524 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52525 ( SUSE ): 3.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
* CVE-2023-52528 ( SUSE ): 3.5 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
* CVE-2023-52529 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52530 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52531 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52532 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52559 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52563 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52564 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52566 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52567 ( SUSE ): 2.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L
* CVE-2023-52569 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52574 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52575 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52576 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52582 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52583 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52587 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52591 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2023-52594 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52595 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52597 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:H
* CVE-2023-52598 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52603 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52605 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52606 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52607 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52608 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52612 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H
* CVE-2023-52615 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52617 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52619 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52621 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52623 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52628 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-52632 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52637 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52639 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-6270 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-6270 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-6356 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-6356 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-6535 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-6535 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-6536 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-6536 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-7042 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-7042 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-7192 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-7192 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-0841 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-0841 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-2201 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
* CVE-2024-22099 ( SUSE ): 5.3 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-22099 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-23307 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-23307 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-25739 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-25739 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-25742 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26599 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
* CVE-2024-26599 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26600 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26600 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26602 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2024-26602 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26607 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26612 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26614 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26627 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26629 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2024-26642 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26645 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26646 ( SUSE ): 4.9 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
* CVE-2024-26651 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26654 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26659 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26664 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26667 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26670 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26695 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26717 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* openSUSE Leap 15.5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Live Patching 15-SP5
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Real Time Module 15-SP5

An update that solves 149 vulnerabilities, contains four features and has 29
security fixes can now be installed.

## Description:

The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various
security bugfixes.

NOTE: This update has been retracted due to a bug in the BHI CPU sidechannel
mitigation, which led to incorrect selection of other CPU mitigations.

The following security bugs were fixed:

* CVE-2021-46925: Fixed kernel panic caused by race of smc_sock (bsc#1220466).
* CVE-2021-46926: Fixed bug when detecting controllers in ALSA/hda/intel-sdw-
acpi (bsc#1220478).
* CVE-2021-46927: Fixed assertion bug in nitro_enclaves: Use
get_user_pages_unlocked() (bsc#1220443).
* CVE-2021-46929: Fixed use-after-free issue in sctp_sock_dump()
(bsc#1220482).
* CVE-2021-46930: Fixed usb/mtu3 list_head check warning (bsc#1220484).
* CVE-2021-46931: Fixed wrong type casting in mlx5e_tx_reporter_dump_sq()
(bsc#1220486).
* CVE-2021-46933: Fixed possible underflow in ffs_data_clear() (bsc#1220487).
* CVE-2021-46934: Fixed a bug by validating user data in compat ioctl
(bsc#1220469).
* CVE-2021-46936: Fixed use-after-free in tw_timer_handler() (bsc#1220439).
* CVE-2021-47082: Fixed ouble free in tun_free_netdev() (bsc#1220969).
* CVE-2021-47083: Fixed a global-out-of-bounds issue in mediatek:
(bsc#1220917).
* CVE-2021-47087: Fixed incorrect page free bug in tee/optee (bsc#1220954).
* CVE-2021-47091: Fixed locking in ieee80211_start_ap()) error path
(bsc#1220959).
* CVE-2021-47093: Fixed memleak on registration failure in intel_pmc_core
(bsc#1220978).
* CVE-2021-47094: Fixed possible memory leak in KVM x86/mmu (bsc#1221551).
* CVE-2021-47095: Fixed missing initialization in ipmi/ssif (bsc#1220979).
* CVE-2021-47096: Fixed uninitalized user_pversion in ALSA rawmidi
(bsc#1220981).
* CVE-2021-47097: Fixed stack out of bound access in
elantech_change_report_id() (bsc#1220982).
* CVE-2021-47098: Fixed integer overflow/underflow in hysteresis calculations
hwmon: (lm90) (bsc#1220983).
* CVE-2021-47099: Fixed BUG_ON assertion in veth when skb entering GRO are
cloned (bsc#1220955).
* CVE-2021-47100: Fixed UAF when uninstall in ipmi (bsc#1220985).
* CVE-2021-47101: Fixed uninit-value in asix_mdio_read() (bsc#1220987).
* CVE-2021-47102: Fixed incorrect structure access In line: upper =
info->upper_dev in net/marvell/prestera (bsc#1221009).
* CVE-2021-47104: Fixed memory leak in qib_user_sdma_queue_pkts()
(bsc#1220960).
* CVE-2021-47105: Fixed potential memory leak in ice/xsk (bsc#1220961).
* CVE-2021-47107: Fixed READDIR buffer overflow in NFSD (bsc#1220965).
* CVE-2021-47108: Fixed possible NULL pointer dereference for mtk_hdmi_conf in
drm/mediatek (bsc#1220986).
* CVE-2022-4744: Fixed double-free that could lead to DoS or privilege
escalation in TUN/TAP device driver functionality (bsc#1209635).
* CVE-2022-48626: Fixed a potential use-after-free on remove path moxart
(bsc#1220366).
* CVE-2022-48627: Fixed a memory overlapping when deleting chars in the buffer
(bsc#1220845).
* CVE-2022-48628: Fixed possible lock in ceph (bsc#1220848).
* CVE-2022-48629: Fixed possible memory leak in qcom-rng (bsc#1220989).
* CVE-2022-48630: Fixed infinite loop on requests not multiple of WORD_SZ in
crypto: qcom-rng (bsc#1220990).
* CVE-2023-0160: Fixed deadlock flaw in BPF that could allow a local user to
potentially crash the system (bsc#1209657).
* CVE-2023-28746: Fixed Register File Data Sampling (bsc#1213456).
* CVE-2023-35827: Fixed a use-after-free issue in ravb_tx_timeout_work()
(bsc#1212514).
* CVE-2023-4881: Fixed a out-of-bounds write flaw in the netfilter subsystem
that could lead to potential information disclosure or a denial of service
(bsc#1215221).
* CVE-2023-52447: Fixed map_fd_put_ptr() signature kABI workaround
(bsc#1220251).
* CVE-2023-52450: Fixed NULL pointer dereference issue in upi_fill_topology()
(bsc#1220237).
* CVE-2023-52453: Fixed data corruption in hisi_acc_vfio_pci (bsc#1220337).
* CVE-2023-52454: Fixed a kernel panic when host sends an invalid H2C PDU
length (bsc#1220320).
* CVE-2023-52462: Fixed check for attempt to corrupt spilled pointer
(bsc#1220325).
* CVE-2023-52463: Fixed null pointer dereference in efivarfs (bsc#1220328).
* CVE-2023-52467: Fixed a null pointer dereference in of_syscon_register
(bsc#1220433).
* CVE-2023-52469: Fixed a use-after-free in kv_parse_power_table
(bsc#1220411).
* CVE-2023-52470: Fixed null-ptr-deref in radeon_crtc_init() (bsc#1220413).
* CVE-2023-52474: Fixed a vulnerability with non-PAGE_SIZE-end multi-iovec
user SDMA requests (bsc#1220445).
* CVE-2023-52476: Fixed possible unhandled page fault via perf sampling NMI
during vsyscall (bsc#1220703).
* CVE-2023-52477: Fixed USB Hub accesses to uninitialized BOS descriptors
(bsc#1220790).
* CVE-2023-52481: Fixed speculative unprivileged load in Cortex-A520
(bsc#1220887).
* CVE-2023-52482: Fixed a bug by adding SRSO mitigation for Hygon processors
(bsc#1220735).
* CVE-2023-52484: Fixed a soft lockup triggered by
arm_smmu_mm_invalidate_range (bsc#1220797).
* CVE-2023-52486: Fixed possible use-after-free in drm (bsc#1221277).
* CVE-2023-52492: Fixed a null-pointer-dereference in channel unregistration
function __dma_async_device_channel_register() (bsc#1221276).
* CVE-2023-52493: Fixed possible soft lockup in bus/mhi/host (bsc#1221274).
* CVE-2023-52494: Fixed missing alignment check for event ring read pointer in
bus/mhi/host (bsc#1221273).
* CVE-2023-52497: Fixed data corruption in erofs (bsc#1220879).
* CVE-2023-52500: Fixed information leaking when processing
OPC_INB_SET_CONTROLLER_CONFIG command (bsc#1220883).
* CVE-2023-52501: Fixed possible memory corruption in ring-buffer
(bsc#1220885).
* CVE-2023-52502: Fixed a race condition in nfc_llcp_sock_get() and
nfc_llcp_sock_get_sn() (bsc#1220831).
* CVE-2023-52504: Fixed possible out-of bounds in apply_alternatives() on a
5-level paging machine (bsc#1221553).
* CVE-2023-52507: Fixed possible shift-out-of-bounds in nfc/nci (bsc#1220833).
* CVE-2023-52508: Fixed null pointer dereference in nvme_fc_io_getuuid()
(bsc#1221015).
* CVE-2023-52509: Fixed a use-after-free issue in ravb_tx_timeout_work()
(bsc#1220836).
* CVE-2023-52510: Fixed a potential UAF in ca8210_probe() (bsc#1220898).
* CVE-2023-52511: Fixed possible memory corruption in spi/sun6i (bsc#1221012).
* CVE-2023-52513: Fixed connection failure handling in RDMA/siw (bsc#1221022).
* CVE-2023-52515: Fixed possible use-after-free in RDMA/srp (bsc#1221048).
* CVE-2023-52517: Fixed race between DMA RX transfer completion and RX FIFO
drain in spi/sun6i (bsc#1221055).
* CVE-2023-52518: Fixed information leak in bluetooth/hci_codec (bsc#1221056).
* CVE-2023-52519: Fixed possible overflow in HID/intel-ish-hid/ipc
(bsc#1220920).
* CVE-2023-52520: Fixed reference leak in platform/x86/think-lmi
(bsc#1220921).
* CVE-2023-52523: Fixed wrong redirects to non-TCP sockets in bpf
(bsc#1220926).
* CVE-2023-52524: Fixed possible corruption in nfc/llcp (bsc#1220927).
* CVE-2023-52525: Fixed out of bounds check mwifiex_process_rx_packet()
(bsc#1220840).
* CVE-2023-52528: Fixed uninit-value access in __smsc75xx_read_reg()
(bsc#1220843).
* CVE-2023-52529: Fixed a potential memory leak in sony_probe() (bsc#1220929).
* CVE-2023-52530: Fixed a potential key use-after-free in wifi mac80211
(bsc#1220930).
* CVE-2023-52531: Fixed a memory corruption issue in iwlwifi (bsc#1220931).
* CVE-2023-52532: Fixed a bug in TX CQE error handling (bsc#1220932).
* CVE-2023-52559: Fixed a bug by avoiding memory allocation in iommu_suspend
(bsc#1220933).
* CVE-2023-52563: Fixed memory leak on ->hpd_notify callback() in drm/meson
(bsc#1220937).
* CVE-2023-52564: Reverted invalid fix for UAF in gsm_cleanup_mux()
(bsc#1220938).
* CVE-2023-52566: Fixed potential use after free in
nilfs_gccache_submit_read_data() (bsc#1220940).
* CVE-2023-52567: Fixed possible Oops in serial/8250_port: when using IRQ
polling (irq = 0) (bsc#1220839).
* CVE-2023-52569: Fixed a bug in btrfs by remoning BUG() after failure to
insert delayed dir index item (bsc#1220918).
* CVE-2023-52574: Fixed a bug by hiding new member header_ops (bsc#1220870).
* CVE-2023-52575: Fixed SBPB enablement for spec_rstack_overflow=off
(bsc#1220871).
* CVE-2023-52576: Fixed potential use after free in memblock_isolate_range()
(bsc#1220872).
* CVE-2023-52582: Fixed possible oops in netfs (bsc#1220878).
* CVE-2023-52583: Fixed deadlock or deadcode of misusing dget() inside ceph
(bsc#1221058).
* CVE-2023-52587: Fixed mcast list locking in IB/ipoib (bsc#1221082).
* CVE-2023-52591: Fixed a possible reiserfs filesystem corruption via
directory renaming (bsc#1221044).
* CVE-2023-52594: Fixed potential array-index-out-of-bounds read in
ath9k_htc_txstatus() (bsc#1221045).
* CVE-2023-52595: Fixed possible deadlock in wifi/rt2x00 (bsc#1221046).
* CVE-2023-52597: Fixed a setting of fpc register in KVM (bsc#1221040).
* CVE-2023-52598: Fixed wrong setting of fpc register in s390/ptrace
(bsc#1221060).
* CVE-2023-52599: Fixed array-index-out-of-bounds in diNewExt() in jfs
(bsc#1221062).
* CVE-2023-52600: Fixed uaf in jfs_evict_inode() (bsc#1221071).
* CVE-2023-52601: Fixed array-index-out-of-bounds in dbAdjTree() in jfs
(bsc#1221068).
* CVE-2023-52602: Fixed slab-out-of-bounds Read in dtSearch() in jfs
(bsc#1221070).
* CVE-2023-52603: Fixed array-index-out-of-bounds in dtSplitRoot()
(bsc#1221066).
* CVE-2023-52604: Fixed array-index-out-of-bounds in dbAdjTree()
(bsc#1221067).
* CVE-2023-52605: Fixed a NULL pointer dereference check (bsc#1221039)
* CVE-2023-52606: Fixed possible kernel stack corruption in powerpc/lib
(bsc#1221069).
* CVE-2023-52607: Fixed a null-pointer-dereference in pgtable_cache_add
kasprintf() (bsc#1221061).
* CVE-2023-52608: Fixed possible race condition in firmware/arm_scmi
(bsc#1221375).
* CVE-2023-52612: Fixed req->dst buffer overflow in crypto/scomp
(bsc#1221616).
* CVE-2023-52615: Fixed page fault dead lock on mmap-ed hwrng (bsc#1221614).
* CVE-2023-52617: Fixed stdev_release() crash after surprise hot remove
(bsc#1221613).
* CVE-2023-52619: Fixed possible crash when setting number of cpus to an odd
number in pstore/ram (bsc#1221618).
* CVE-2023-52621: Fixed missing asserion in bpf (bsc#1222073).
* CVE-2023-52623: Fixed suspicious RCU usage in SUNRPC (bsc#1222060).
* CVE-2023-52628: Fixed 4-byte stack OOB write in nftables (bsc#1222117).
* CVE-2023-52632: Fixed lock dependency warning with srcu in drm/amdkfd
(bsc#1222274).
* CVE-2023-52637: Fixed UAF in j1939_sk_match_filter() in can/k1939
(bsc#1222291).
* CVE-2023-52639: Fixed race during shadow creation in KVM/s390/vsie Fixed
(bsc#1222300).
* CVE-2023-6270: Fixed a use-after-free issue in aoecmd_cfg_pkts
(bsc#1218562).
* CVE-2023-6356: Fixed a NULL pointer dereference in nvmet_tcp_build_pdu_iovec
(bsc#1217987).
* CVE-2023-6535: Fixed a NULL pointer dereference in nvmet_tcp_execute_request
(bsc#1217988).
* CVE-2023-6536: Fixed a NULL pointer dereference in __nvmet_req_complete
(bsc#1217989).
* CVE-2023-7042: Fixed a null-pointer-dereference in
ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() (bsc#1218336).
* CVE-2023-7192: Fixed a memory leak problem in ctnetlink_create_conntrack in
net/netfilter/nf_conntrack_netlink.c (bsc#1218479).
* CVE-2024-0841: Fixed a null pointer dereference in the hugetlbfs_fill_super
function in hugetlbfs (HugeTLB pages) functionality (bsc#1219264).
* CVE-2024-2201: Fixed information leak in x86/BHI (bsc#1217339).
* CVE-2024-22099: Fixed a null-pointer-dereference in rfcomm_check_security
(bsc#1219170).
* CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86
and ARM md, raid, raid5 modules (bsc#1219169).
* CVE-2024-25739: Fixed possible crash in create_empty_lvol() in
drivers/mtd/ubi/vtbl.c (bsc#1219834).
* CVE-2024-25742: Fixed insufficient validation during #VC instruction
emulation in x86/sev (bsc#1221725).
* CVE-2024-26599: Fixed out-of-bounds access in of_pwm_single_xlate()
(bsc#1220365).
* CVE-2024-26600: Fixed NULL pointer dereference for SRP in phy-omap-usb2
(bsc#1220340).
* CVE-2024-26602: Fixed overall slowdowns with sys_membarrier (bsc1220398).
* CVE-2024-26607: Fixed a probing race issue in sii902x: (bsc#1220736).
* CVE-2024-26612: Fixed Oops in fscache_put_cache() This function dereferences
(bsc#1221291).
* CVE-2024-26614: Fixed the initialization of accept_queue's spinlocks
(bsc#1221293).
* CVE-2024-26620: Fixed possible device model violation in s390/vfio-ap
(bsc#1221298).
* CVE-2024-26627: Fixed possible hard lockup in scsi (bsc#1221090).
* CVE-2024-26629: Fixed possible protocol violation via RELEASE_LOCKOWNER in
nfsd (bsc#1221379).
* CVE-2024-26642: Fixed the set of anonymous timeout flag in netfilter
nf_tables (bsc#1221830).
* CVE-2024-26645: Fixed missing visibility when inserting an element into
tracing_map (bsc#1222056).
* CVE-2024-26646: Fixed potential memory corruption when resuming from suspend
or hibernation in thermal/intel/hfi (bsc#1222070).
* CVE-2024-26651: Fixed possible oops via malicious devices in sr9800
(bsc#1221337).
* CVE-2024-26654: Fixed use after free in ALSA/sh/aica (bsc#1222304).
* CVE-2024-26659: Fixed wrong handling of isoc Babble and Buffer Overrun
events in xhci (bsc#1222317).
* CVE-2024-26664: Fixed out-of-bounds memory access in create_core_data() in
hwmon coretemp (bsc#1222355).
* CVE-2024-26667: Fixed null pointer reference in
dpu_encoder_helper_phys_cleanup in drm/msm/dpu (bsc#1222331).
* CVE-2024-26670: Fixed ARM64_WORKAROUND_SPECULATIVE_UNPRIV_LOAD workaround in
kernel arm64 (bsc#1222356).
* CVE-2024-26695: Fixed null pointer dereference in
__sev_platform_shutdown_locked in crypto ccp (bsc#1222373).
* CVE-2024-26717: Fixed null pointer dereference on failed power up in HID
i2c-hid-of (bsc#1222360).

The following non-security bugs were fixed:

* acpi: CPPC: enable AMD CPPC V2 support for family 17h processors (git-
fixes).
* acpi: processor_idle: Fix memory leak in acpi_processor_power_exit() (git-
fixes).
* acpi: resource: Add Infinity laptops to irq1_edge_low_force_override
(stable-fixes).
* acpi: resource: Add MAIBENBEN X577 to irq1_edge_low_force_override (git-
fixes).
* acpi: resource: Do IRQ override on Lunnen Ground laptops (stable-fixes).
* acpi: scan: Fix device check notification handling (git-fixes).
* acpica: debugger: check status of acpi_evaluate_object() in
acpi_db_walk_for_fields() (git-fixes).
* alsa: aaci: Delete unused variable in aaci_do_suspend (git-fixes).
* alsa: aoa: avoid false-positive format truncation warning (git-fixes).
* alsa: aw2: avoid casting function pointers (git-fixes).
* alsa: ctxfi: avoid casting function pointers (git-fixes).
* alsa: hda/realtek - ALC285 reduce pop noise from Headphone port (stable-
fixes).
* alsa: hda/realtek - Add Headset Mic supported Acer NB platform (stable-
fixes).
* alsa: hda/realtek - Fix headset Mic no show at resume back for Lenovo ALC897
platform (git-fixes).
* alsa: hda/realtek: Enable Mute LED on HP 840 G8 (MB 8AB8) (git-fixes).
* alsa: hda/realtek: Update Panasonic CF-SZ6 quirk to support headset with
microphone (git-fixes).
* alsa: hda/realtek: fix ALC285 issues on HP Envy x360 laptops (stable-fixes).
* alsa: hda/realtek: fix mute/micmute LED For HP mt440 (git-fixes).
* alsa: hda/realtek: fix mute/micmute LEDs for HP EliteBook (stable-fixes).
* alsa: seq: fix function cast warnings (git-fixes).
* alsa: sh: aica: reorder cleanup operations to avoid UAF bugs (git-fixes).
* alsa: usb-audio: Stop parsing channels bits when all channels are found
(git-fixes).
* arm64: dts: allwinner: h6: Add RX DMA channel for SPDIF (git-fixes)
* arm64: dts: broadcom: bcmbca: bcm4908: drop invalid switch cells (git-fixes)
* arm64: dts: imx8mm-kontron: Add support for ultra high speed modes on (git-
fixes)
* arm64: dts: imx8mm-venice-gw71xx: fix USB OTG VBUS (git-fixes)
* arm64: dts: marvell: reorder crypto interrupts on Armada SoCs (git-fixes)
* arm64: dts: rockchip: add ES8316 codec for ROCK Pi 4 (git-fixes)
* arm64: dts: rockchip: add SPDIF node for ROCK Pi 4 (git-fixes)
* arm64: dts: rockchip: fix regulator name on rk3399-rock-4 (git-fixes)
* arm64: dts: rockchip: set num-cs property for spi on px30 (git-fixes)
* arm64: mm: fix VA-range sanity check (git-fixes)
* arm64: set __exception_irq_entry with __irq_entry as a default (git-fixes)
* asoc: Intel: bytcr_rt5640: Add an extra entry for the Chuwi Vi8 tablet
(stable-fixes).
* asoc: amd: acp: Add missing error handling in sof-mach (git-fixes).
* asoc: amd: acp: fix for acp_init function error handling (git-fixes).
* asoc: madera: Fix typo in madera_set_fll_clks shift value (git-fixes).
* asoc: meson: Use dev_err_probe() helper (stable-fixes).
* asoc: meson: aiu: fix function pointer type mismatch (git-fixes).
* asoc: meson: axg-tdm-interface: add frame rate constraint (git-fixes).
* asoc: meson: axg-tdm-interface: fix mclk setup without mclk-fs (git-fixes).
* asoc: meson: t9015: fix function pointer type mismatch (git-fixes).
* asoc: ops: Fix wraparound for mask in snd_soc_get_volsw (git-fixes).
* asoc: rcar: adg: correct TIMSEL setting for SSI9 (git-fixes).
* asoc: rt5645: Make LattePanda board DMI match more precise (stable-fixes).
* asoc: rt5682-sdw: fix locking sequence (git-fixes).
* asoc: rt711-sdca: fix locking sequence (git-fixes).
* asoc: rt711-sdw: fix locking sequence (git-fixes).
* asoc: wm8962: Enable both SPKOUTR_ENA and SPKOUTL_ENA in mono mode (stable-
fixes).
* asoc: wm8962: Enable oscillator if selecting WM8962_FLL_OSC (stable-fixes).
* asoc: wm8962: Fix up incorrect error message in wm8962_set_fll (stable-
fixes).
* ata: sata_mv: Fix PCI device ID table declaration compilation warning (git-
fixes).
* ata: sata_sx4: fix pdc20621_get_from_dimm() on 64-bit (git-fixes).
* backlight: da9052: Fully initialize backlight_properties during probe (git-
fixes).
* backlight: lm3630a: Do not set bl->props.brightness in get_brightness (git-
fixes).
* backlight: lm3630a: Initialize backlight_properties on init (git-fixes).
* backlight: lm3639: Fully initialize backlight_properties during probe (git-
fixes).
* backlight: lp8788: Fully initialize backlight_properties during probe (git-
fixes).
* blocklayoutdriver: Fix reference leak of pnfs_device_node (git-fixes).
* bluetooth: Remove HCI_POWER_OFF_TIMEOUT (git-fixes).
* bluetooth: Remove superfluous call to hci_conn_check_pending() (git-fixes).
* bluetooth: hci_core: Fix possible buffer overflow (git-fixes).
* bluetooth: mgmt: Remove leftover queuing of power_off work (git-fixes).
* bluetooth: rfcomm: Fix null-ptr-deref in rfcomm_check_security (stable-
fixes).
* bpf, scripts: Correct GPL license name (git-fixes).
* bpf, sockmap: Fix preempt_rt splat when using raw_spin_lock_t (git-fixes).
* can: softing: remove redundant NULL check (git-fixes).
* clk: zynq: Prevent null pointer dereference caused by kmalloc failure (git-
fixes).
* comedi: comedi_test: Prevent timers rescheduling during deletion (git-
fixes).
* coresight: etm4x: Do not access TRCIDR1 for identification (bsc#1220775)
* coresight: etm4x: Fix accesses to TRCSEQRSTEVR and TRCSEQSTR (bsc#1220775)
* coresight: etm: Override TRCIDR3.CCITMIN on errata affected cpus
(bsc#1220775)
* cpufreq: amd-pstate: Fix min_perf assignment in amd_pstate_adjust_perf()
(git-fixes).
* cpufreq: brcmstb-avs-cpufreq: add check for cpufreq_cpu_get's return value
(git-fixes).
* crypto: arm/sha - fix function cast warnings (git-fixes).
* crypto: qat - avoid division by zero (git-fixes).
* crypto: qat - fix deadlock in backlog processing (git-fixes).
* crypto: qat - fix double free during reset (git-fixes).
* crypto: qat - fix state machines cleanup paths (bsc#1218321).
* crypto: qat - fix unregistration of compression algorithms (git-fixes).
* crypto: qat - fix unregistration of crypto algorithms (git-fixes).
* crypto: qat - ignore subsequent state up commands (git-fixes).
* crypto: qat - increase size of buffers (git-fixes).
* crypto: qat - resolve race condition during AER recovery (git-fixes).
* crypto: xilinx - call finalize with bh disabled (git-fixes).
* doc-guide: kernel-doc: tell about object-like macros (git-fixes).
* doc/README.SUSE: Update information about module support status
(jsc#PED-5759)
* drivers: hv: vmbus: Calculate ring buffer size for more efficient use of
memory (git-fixes).
* drm/amd/display: Add FAMS validation before trying to use it (git-fixes).
* drm/amd/display: Add function for validate and update new stream (git-
fixes).
* drm/amd/display: Avoid ABM when ODM combine is enabled for eDP (git-fixes).
* drm/amd/display: Blocking invalid 420 modes on HDMI TMDS for DCN31 (git-
fixes).
* drm/amd/display: Check if link state is valid (git-fixes).
* drm/amd/display: Copy DC context in the commit streams (git-fixes).
* drm/amd/display: Disable PSR-SU on Parade 0803 TCON again (git-fixes).
* drm/amd/display: Enable fast plane updates on DCN3.2 and above (git-fixes).
* drm/amd/display: Enable new commit sequence only for DCN32x (git-fixes).
* drm/amd/display: Exit idle optimizations before attempt to access PHY (git-
fixes).
* drm/amd/display: Expand kernel doc for DC (git-fixes).
* drm/amd/display: Fix a bug when searching for insert_above_mpcc (git-fixes).
* drm/amd/display: Fix a potential buffer overflow in 'dp_dsc_clock_en_read()'
(git-fixes).
* drm/amd/display: Fix possible underflow for displays with large vblank (git-
fixes).
* drm/amd/display: Fix the delta clamping for shaper LUT (git-fixes).
* drm/amd/display: Fix underflow issue on 175hz timing (git-fixes).
* drm/amd/display: For prefetch mode > 0, extend prefetch if possible (git-
fixes).
* drm/amd/display: Guard DCN31 PHYD32CLK logic against chip family (git-
fixes).
* drm/amd/display: Guard against invalid RPTR/WPTR being set (git-fixes).
* drm/amd/display: Handle seamless boot stream (git-fixes).
* drm/amd/display: Handle virtual hardware detect (git-fixes).
* drm/amd/display: Include surface of unaffected streams (git-fixes).
* drm/amd/display: Include udelay when waiting for INBOX0 ACK (git-fixes).
* drm/amd/display: Increase frame warning limit with KASAN or KCSAN in dml
(git-fixes).
* drm/amd/display: Keep PHY active for dp config (git-fixes).
* drm/amd/display: Prevent vtotal from being set to 0 (git-fixes).
* drm/amd/display: Remove min_dst_y_next_start check for Z8 (git-fixes).
* drm/amd/display: Restore rptr/wptr for DMCUB as workaround (git-fixes).
* drm/amd/display: Return the correct HDCP error code (stable-fixes).
* drm/amd/display: Revert vblank change that causes null pointer crash (git-
fixes).
* drm/amd/display: Rework comments on dc file (git-fixes).
* drm/amd/display: Rework context change check (git-fixes).
* drm/amd/display: Set minimum requirement for using PSR-SU on Phoenix (git-
fixes).
* drm/amd/display: Set minimum requirement for using PSR-SU on Rembrandt (git-
fixes).
* drm/amd/display: Update OTG instance in the commit stream (git-fixes).
* drm/amd/display: Update correct DCN314 register header (git-fixes).
* drm/amd/display: Update min Z8 residency time to 2100 for DCN314 (git-
fixes).
* drm/amd/display: Use DRAM speed from validation for dummy p-state (git-
fixes).
* drm/amd/display: Use DTBCLK as refclk instead of DPREFCLK (git-fixes).
* drm/amd/display: Use min transition for all SubVP plane add/remove (git-
fixes).
* drm/amd/display: Write to correct dirty_rect (git-fixes).
* drm/amd/display: Wrong colorimetry workaround (git-fixes).
* drm/amd/display: add FB_DAMAGE_CLIPS support (git-fixes).
* drm/amd/display: add ODM case when looking for first split pipe (git-fixes).
* drm/amd/display: always switch off ODM before committing more streams (git-
fixes).
* drm/amd/display: clean code-style issues in dcn30_set_mpc_shaper_3dlut (git-
fixes).
* drm/amd/display: dc.h: eliminate kernel-doc warnings (git-fixes).
* drm/amd/display: ensure async flips are only accepted for fast updates (git-
fixes).
* drm/amd/display: fix ABM disablement (git-fixes).
* drm/amd/display: fix a NULL pointer dereference in amdgpu_dm_i2c_xfer()
(git-fixes).
* drm/amd/display: fix dc/core/dc.c kernel-doc (git-fixes).
* drm/amd/display: fix hw rotated modes when PSR-SU is enabled (git-fixes).
* drm/amd/display: fix kernel-doc issues in dc.h (git-fixes).
* drm/amd/display: fix unbounded requesting for high pixel rate modes on
dcn315 (git-fixes).
* drm/amd/display: handle range offsets in VRR ranges (stable-fixes).
* drm/amd/display: perform a bounds check before filling dirty rectangles
(git-fixes).
* drm/amd/display: set per pipe dppclk to 0 when dpp is off (git-fixes).
* drm/amd/display: update extended blank for dcn314 onwards (git-fixes).
* drm/amd/display: use low clocks for no plane configs (git-fixes).
* drm/amd/pm: Fix error of MACO flag setting code (git-fixes).
* drm/amd/pm: fix a memleak in aldebaran_tables_init (git-fixes).
* drm/amd/smu: use AverageGfxclkFrequency* to replace previous GFX Curr Clock
(git-fixes).
* drm/amd: Enable PCIe PME from D3 (git-fixes).
* drm/amdgpu/pm: Fix the error of pwm1_enable setting (stable-fixes).
* drm/amdgpu/pm: make gfxclock consistent for sienna cichlid (git-fixes).
* drm/amdgpu/pm: make mclk consistent for smu 13.0.7 (git-fixes).
* drm/amdgpu/smu13: drop compute workload workaround (git-fixes).
* drm/amdgpu: Enable gpu reset for S3 abort cases on Raven series (stable-
fixes).
* drm/amdgpu: Fix missing break in ATOM_ARG_IMM Case of atom_get_src_int()
(git-fixes).
* drm/amdgpu: Force order between a read and write to the same address (git-
fixes).
* drm/amdgpu: Match against exact bootloader status (git-fixes).
* drm/amdgpu: Unset context priority is now invalid (git-fixes).
* drm/amdgpu: Update min() to min_t() in 'amdgpu_info_ioctl' (git-fixes).
* drm/amdgpu: amdgpu_ttm_gart_bind set gtt bound flag (stable-fixes).
* drm/amdgpu: lower CS errors to debug severity (git-fixes).
* drm/amdkfd: fix TLB flush after unmap for GFX9.4.2 (stable-fixes).
* drm/bridge: tc358762: Instruct DSI host to generate HSE packets (git-fixes).
* drm/display: fix typo (git-fixes).
* drm/edid: Add quirk for OSVR HDK 2.0 (git-fixes).
* drm/etnaviv: Restore some id values (git-fixes).
* drm/exynos: do not return negative values from .get_modes() (stable-fixes).
* drm/exynos: fix a possible null-pointer dereference due to data race in
exynos_drm_crtc_atomic_disable() (git-fixes).
* drm/i915/bios: Tolerate devdata==NULL in
intel_bios_encoder_supports_dp_dual_mode() (stable-fixes).
* drm/i915/gt: Do not generate the command streamer for all the CCS (git-
fixes).
* drm/i915/gt: Reset queue_priority_hint on parking (git-fixes).
* drm/i915/gt: Use i915_vm_put on ppgtt_create error paths (git-fixes).
* drm/i915/selftests: Fix dependency of some timeouts on HZ (git-fixes).
* drm/i915: Add missing CCS documentation (git-fixes).
* drm/i915: Call intel_pre_plane_updates() also for pipes getting enabled
(git-fixes).
* drm/i915: Check before removing mm notifier (git-fixes).
* drm/lima: fix a memleak in lima_heap_alloc (git-fixes).
* drm/mediatek: Fix a null pointer crash in mtk_drm_crtc_finish_page_flip
(git-fixes).
* drm/mediatek: dsi: Fix DSI RGB666 formats and definitions (git-fixes).
* drm/msm/dpu: Only enable DSC_MODE_MULTIPLEX if dsc_merge is enabled (git-
fixes).
* drm/msm/dpu: add division of drm_display_mode's hskew parameter (git-fixes).
* drm/msm/dpu: fix the programming of INTF_CFG2_DATA_HCTL_EN (git-fixes).
* drm/msm/dpu: improve DSC allocation (git-fixes).
* drm/panel-edp: use put_sync in unprepare (git-fixes).
* drm/panel: Move AUX B116XW03 out of panel-edp back to panel-simple (git-
fixes).
* drm/panel: auo,b101uan08.3: Fine tune the panel power sequence (git-fixes).
* drm/panel: boe-tv101wum-nl6: Fine tune the panel power sequence (git-fixes).
* drm/panel: do not return negative error codes from drm_panel_get_modes()
(stable-fixes).
* drm/panfrost: fix power transition timeout warnings (git-fixes).
* drm/probe-helper: warn about negative .get_modes() (stable-fixes).
* drm/qxl: remove unused `count` variable from `qxl_surface_id_alloc()` (git-
fixes).
* drm/qxl: remove unused variable from `qxl_process_single_command()` (git-
fixes).
* drm/radeon/ni: Fix wrong firmware size logging in ni_init_microcode() (git-
fixes).
* drm/radeon/ni_dpm: remove redundant NULL check (git-fixes).
* drm/radeon: remove dead code in ni_mc_load_microcode() (git-fixes).
* drm/rockchip: dsi: Clean up 'usage_mode' when failing to attach (git-fixes).
* drm/rockchip: inno_hdmi: Fix video timing (git-fixes).
* drm/rockchip: lvds: do not overwrite error code (git-fixes).
* drm/rockchip: lvds: do not print scary message when probing defer (git-
fixes).
* drm/tegra: dpaux: Fix PM disable depth imbalance in tegra_dpaux_probe (git-
fixes).
* drm/tegra: dsi: Add missing check for of_find_device_by_node (git-fixes).
* drm/tegra: dsi: Fix missing pm_runtime_disable() in the error handling path
of tegra_dsi_probe() (git-fixes).
* drm/tegra: dsi: Fix some error handling paths in tegra_dsi_probe() (git-
fixes).
* drm/tegra: dsi: Make use of the helper function dev_err_probe() (stable-
fixes).
* drm/tegra: hdmi: Convert to devm_platform_ioremap_resource() (stable-fixes).
* drm/tegra: hdmi: Fix some error handling paths in tegra_hdmi_probe() (git-
fixes).
* drm/tegra: output: Fix missing i2c_put_adapter() in the error handling paths
of tegra_output_probe() (git-fixes).
* drm/tegra: put drm_gem_object ref on error in tegra_fb_create (git-fixes).
* drm/tegra: rgb: Fix missing clk_put() in the error handling paths of
tegra_dc_rgb_probe() (git-fixes).
* drm/tegra: rgb: Fix some error handling paths in tegra_dc_rgb_probe() (git-
fixes).
* drm/tidss: Fix initial plane zpos values (git-fixes).
* drm/tidss: Fix sync-lost issue with two displays (git-fixes).
* drm/ttm: Do not leak a resource on eviction error (git-fixes).
* drm/ttm: Do not print error message if eviction was interrupted (git-fixes).
* drm/vc4: Add module dependency on hdmi-codec (git-fixes).
* drm/vmwgfx: Create debugfs ttm_resource_manager entry only if needed (git-
fixes).
* drm/vmwgfx: Fix possible null pointer derefence with invalid contexts (git-
fixes).
* drm/vmwgfx: fix a memleak in vmw_gmrid_man_get_node (git-fixes).
* drm: Do not treat 0 as -1 in drm_fixp2int_ceil (git-fixes).
* drm: Fix drm_fixp2int_round() making it add 0.5 (git-fixes).
* drm: panel-orientation-quirks: Add quirk for Acer Switch V 10 (SW5-017)
(git-fixes).
* firewire: core: use long bus reset on gap count error (stable-fixes).
* fix "coresight: etm4x: Change etm4_platform_driver driver for MMIO devices"
(bsc#1220775) Hunk with clk_put(drvdata->pclk) was incorrectly moved to
another function.
* hid: amd_sfh: Update HPD sensor structure elements (git-fixes).
* hid: lenovo: Add middleclick_workaround sysfs knob for cptkbd (git-fixes).
* hid: multitouch: Add required quirk for Synaptics 0xcddc device (stable-
fixes).
* hv_netvsc: Calculate correct ring size when PAGE_SIZE is not 4 Kbytes (git-
fixes).
* hv_netvsc: Fix race condition between netvsc_probe and netvsc_remove (git-
fixes).
* hv_netvsc: Register VF in netvsc_probe if NET_DEVICE_REGISTER missed (git-
fixes).
* i2c: aspeed: Fix the dummy irq expected print (git-fixes).
* i2c: i801: Avoid potential double call to gpiod_remove_lookup_table (git-
fixes).
* i2c: wmt: Fix an error handling path in wmt_i2c_probe() (git-fixes).
* ib/ipoib: Fix mcast list locking (git-fixes)
* iio: dummy_evgen: remove Excess kernel-doc comments (git-fixes).
* iio: pressure: dlhl60d: Initialize empty DLH bytes (git-fixes).
* input: gpio_keys_polled - suppress deferred probe error for gpio (stable-
fixes).
* input: i8042 - add Fujitsu Lifebook E5411 to i8042 quirk table (git-fixes).
* input: i8042 - add Fujitsu Lifebook U728 to i8042 quirk table (git-fixes).
* input: i8042 - add quirk for Fujitsu Lifebook A574/H (git-fixes).
* input: i8042 - fix strange behavior of touchpad on Clevo NS70PU (git-fixes).
* input: pm8941-powerkey - fix debounce on gen2+ PMICs (git-fixes).
* input: pm8941-pwrkey - add software key press debouncing support (git-
fixes).
* input: pm8941-pwrkey - add support for PON GEN3 base addresses (git-fixes).
* input: synaptics-rmi4 - fix UAF of IRQ domain on driver removal (git-fixes).
* input: xpad - add Lenovo Legion Go controllers (git-fixes).
* iommu/amd: Mark interrupt as managed (git-fixes).
* iommu/dma: Trace bounce buffer usage when mapping buffers (git-fixes).
* iommu/mediatek-v1: Fix an error handling path in mtk_iommu_v1_probe() (git-
fixes).
* iommu/mediatek: Fix forever loop in error handling (git-fixes).
* iommu/vt-d: Allow to use flush-queue when first level is default (git-
fixes).
* iommu/vt-d: Do not issue ATS Invalidation request when device is
disconnected (git-fixes).
* iommu/vt-d: Fix PASID directory pointer coherency (git-fixes).
* iommu/vt-d: Set No Execute Enable bit in PASID table entry (git-fixes).
* kabi: PCI: Add locking to RMW PCI Express Capability Register accessors
(kabi).
* kconfig: fix infinite loop when expanding a macro at the end of file (git-
fixes).
* kvm: s390: only deliver the set service event bits (git-fixes bsc#1221631).
* lan78xx: enable auto speed configuration for LAN7850 if no EEPROM is
detected (git-commit).
* leds: aw2013: Unlock mutex before destroying it (git-fixes).
* lib/cmdline: Fix an invalid format specifier in an assertion msg (git-
fixes).
* make NVIDIA Grace-Hopper TPM related drivers build-ins (bsc#1221156)
* md/raid10: check slab-out-of-bounds in md_bitmap_get_counter (git-fixes).
* md/raid5: release batch_last before waiting for another stripe_head (git-
fixes).
* md/raid6: use valid sector values to determine if an I/O should wait on the
reshape (git-fixes).
* md: Do not ignore suspended array in md_check_recovery() (git-fixes).
* md: Make sure md_do_sync() will set MD_RECOVERY_DONE (git-fixes).
* md: Whenassemble the array, consult the superblock of the freshest device
(git-fixes).
* md: do not leave 'MD_RECOVERY_FROZEN' in error path of md_set_readonly()
(git-fixes).
* md: fix data corruption for raid456 when reshape restart while grow up (git-
fixes).
* md: introduce md_ro_state (git-fixes).
* media: dvb-frontends: avoid stack overflow warnings with clang (git-fixes).
* media: edia: dvbdev: fix a use-after-free (git-fixes).
* media: em28xx: annotate unchecked call to media_device_register() (git-
fixes).
* media: go7007: add check of return value of go7007_read_addr() (git-fixes).
* media: go7007: fix a memleak in go7007_load_encoder (git-fixes).
* media: imx: csc/scaler: fix v4l2_ctrl_handler memory leak (git-fixes).
* media: pvrusb2: fix pvr2_stream_callback casts (git-fixes).
* media: pvrusb2: fix uaf in pvr2_context_set_notify (git-fixes).
* media: pvrusb2: remove redundant NULL check (git-fixes).
* media: staging: ipu3-imgu: Set fields before media_entity_pads_init() (git-
fixes).
* media: sun8i-di: Fix chroma difference threshold (git-fixes).
* media: sun8i-di: Fix coefficient writes (git-fixes).
* media: sun8i-di: Fix power on/off sequences (git-fixes).
* media: tc358743: register v4l2 async device only after successful setup
(git-fixes).
* media: ttpci: fix two memleaks in budget_av_attach (git-fixes).
* media: usbtv: Remove useless locks in usbtv_video_free() (git-fixes).
* media: v4l2-mem2mem: fix a memleak in v4l2_m2m_register_entity (git-fixes).
* media: v4l2-tpg: fix some memleaks in tpg_alloc (git-fixes).
* media: xc4000: Fix atomicity violation in xc4000_get_frequency (git-fixes).
* mfd: altera-sysmgr: Call of_node_put() only when of_parse_phandle() takes a
ref (git-fixes).
* mfd: syscon: Call of_node_put() only when of_parse_phandle() takes a ref
(git-fixes).
* mm,page_owner: Defer enablement of static branch (bsc#1222366).
* mm,page_owner: Fix accounting of pages when migrating (bsc#1222366).
* mm,page_owner: Fix printing of stack records (bsc#1222366).
* mm,page_owner: Fix refcount imbalance (bsc#1222366).
* mm,page_owner: Update metadata for tail pages (bsc#1222366).
* mm,page_owner: check for null stack_record before bumping its refcount
(bsc#1222366).
* mm,page_owner: drop unnecessary check (bsc#1222366).
* mm,page_owner: fix recursion (bsc#1222366).
* mmc: core: Avoid negative index with array access (git-fixes).
* mmc: core: Fix switch on gp3 partition (git-fixes).
* mmc: core: Initialize mmc_blk_ioc_data (git-fixes).
* mmc: mmci: stm32: fix DMA API overlapping mappings warning (git-fixes).
* mmc: mmci: stm32: use a buffer for unaligned DMA requests (git-fixes).
* mmc: tmio: avoid concurrent runs of mmc_request_done() (git-fixes).
* mmc: wmt-sdmmc: remove an incorrect release_mem_region() call in the .remove
function (git-fixes).
* mtd: maps: physmap-core: fix flash size larger than 32-bit (git-fixes).
* mtd: rawnand: lpc32xx_mlc: fix irq handler prototype (git-fixes).
* mtd: rawnand: meson: fix scrambling mode value in command macro (git-fixes).
* net/bnx2x: Prevent access to a freed page in page_pool (bsc#1215322).
* net/x25: fix incorrect parameter validation in the x25_getsockopt() function
(git-fixes).
* net: Fix features skip in for_each_netdev_feature() (git-fixes).
* net: lan78xx: fix runtime PM count underflow on link stop (git-fixes).
* net: ll_temac: platform_get_resource replaced by wrong function (git-fixes).
* net: mana: Fix Rx DMA datasize and skb_over_panic (git-fixes).
* net: phy: fix phy_get_internal_delay accessing an empty array (git-fixes).
* net: sunrpc: Fix an off by one in rpc_sockaddr2uaddr() (git-fixes).
* net: usb: dm9601: fix wrong return value in dm9601_mdio_read (git-fixes).
* nfc: nci: Fix uninit-value in nci_dev_up and nci_ntf_packet (git-fixes).
* nfs: fix an off by one in root_nfs_cat() (git-fixes).
* nfs: rename nfs_client_kset to nfs_kset (git-fixes).
* nfsd: change LISTXATTRS cookie encoding to big-endian (git-fixes).
* nfsd: convert the callback workqueue to use delayed_work (git-fixes).
* nfsd: do not take fi_lock in nfsd_break_deleg_cb() (git-fixes).
* nfsd: fix LISTXATTRS returning a short list with eof=TRUE (git-fixes).
* nfsd: fix LISTXATTRS returning more bytes than maxcount (git-fixes).
* nfsd: fix file memleak on client_opens_release (git-fixes).
* nfsd: fix nfsd4_listxattr_validate_cookie (git-fixes).
* nfsd: lock_rename() needs both directories to live on the same fs (git-
fixes).
* nfsd: reschedule CB operations when backchannel rpc_clnt is shut down (git-
fixes).
* nfsd: reset cb_seq_status after NFS4ERR_DELAY (git-fixes).
* nfsd: retransmit callbacks after client reconnects (git-fixes).
* nfsd: use vfs setgid helper (git-fixes).
* nfsv4.1/pnfs: Ensure we handle the error NFS4ERR_RETURNCONFLICT (git-fixes).
* nfsv4.1: fix SP4_MACH_CRED protection for pnfs IO (git-fixes).
* nfsv4.1: fixup use EXCHGID4_FLAG_USE_PNFS_DS for DS server (git-fixes).
* nfsv4.1: use EXCHGID4_FLAG_USE_PNFS_DS for DS server (git-fixes).
* nfsv4.2: fix listxattr maximum XDR buffer size (git-fixes).
* nfsv4.2: fix nfs4_listxattr kernel BUG at mm/usercopy.c:102 (git-fixes).
* nfsv4.2: fix wrong shrinker_id (git-fixes).
* nfsv4: fix a nfs4_state_manager() race (git-fixes).
* nfsv4: fix a state manager thread deadlock regression (git-fixes).
* nilfs2: fix failure to detect DAT corruption in btree and direct mappings
(git-fixes).
* nilfs2: prevent kernel bug at submit_bh_wbc() (git-fixes).
* nouveau/dmem: handle kcalloc() allocation failure (git-fixes).
* nouveau: reset the bo resource bus info after an eviction (git-fixes).
* ntfs: fix use-after-free in ntfs_ucsncmp() (bsc#1221713).
* nvme-fc: do not wait in vain when unloading module (git-fixes).
* nvme: fix reconnection fail due to reserved tag allocation (git-fixes).
* nvmet-fc: abort command when there is no binding (git-fixes).
* nvmet-fc: avoid deadlock on delete association path (git-fixes).
* nvmet-fc: defer cleanup using RCU properly (git-fixes).
* nvmet-fc: hold reference on hostport match (git-fixes).
* nvmet-fc: release reference on target port (git-fixes).
* nvmet-fc: take ref count on tgtport before delete assoc (git-fixes).
* nvmet-fcloop: swap the list_add_tail arguments (git-fixes).
* nvmet-tcp: fix nvme tcp ida memory leak (git-fixes).
* pci/aer: fix rootport attribute paths in ABI docs (git-fixes).
* pci/aspm: Use RMW accessors for changing LNKCTL (git-fixes).
* pci/dpc: print all TLP Prefixes, not just the first (git-fixes).
* pci/msi: prevent MSI hardware interrupt number truncation (bsc#1218777)
* pci/p2pdma: Fix a sleeping issue in a RCU read section (git-fixes).
* pci: add locking to RMW PCI Express Capability Register accessors (git-
fixes).
* pci: dwc: Fix a 64bit bug in dw_pcie_ep_raise_msix_irq() (git-fixes).
* pci: dwc: endpoint: Fix advertised resizable BAR size (git-fixes).
* pci: dwc: endpoint: Fix dw_pcie_ep_raise_msix_irq() alignment support (git-
fixes).
* pci: fu740: Set the number of MSI vectors (git-fixes).
* pci: lengthen reset delay for VideoPropulsion Torrent QN16e card (git-
fixes).
* pci: make link retraining use RMW accessors for changing LNKCTL (git-fixes).
* pci: mark 3ware-9650SE Root Port Extended Tags as broken (git-fixes).
* pci: mediatek-gen3: Fix translation window size calculation (git-fixes).
* pci: mediatek: Clear interrupt status before dispatching handler (git-
fixes).
* pci: qcom: Enable BDF to SID translation properly (git-fixes).
* pci: qcom: Use DWC helpers for modifying the read-only DBI registers (git-
fixes).
* pci: rockchip: Do not advertise MSI-X in PCIe capabilities (git-fixes).
* pci: rockchip: Fix window mapping and address translation for endpoint (git-
fixes).
* pci: rockchip: Use 64-bit mask on MSI 64-bit PCI address (git-fixes).
* pci: switchtec: Fix an error handling path in switchtec_pci_probe() (git-
fixes).
* pinctrl: mediatek: Drop bogus slew rate register range for MT8192 (git-
fixes).
* platform/mellanox: mlxreg-hotplug: Remove redundant NULL-check (git-fixes).
* pm: suspend: Set mem_sleep_current during kernel command line setup (git-
fixes).
* pnfs/flexfiles: Check the layout validity in ff_layout_mirror_prepare_stats
(git-fixes).
* pnfs: Fix a hang in nfs4_evict_inode() (git-fixes).
* pnfs: Fix the pnfs block driver's calculation of layoutget size (git-fixes).
* powerpc/64s: POWER10 CPU Kconfig build option (bsc#1194869).
* powerpc/boot: Disable power10 features after BOOTAFLAGS assignment
(bsc#1194869).
* powerpc/boot: Fix boot wrapper code generation with CONFIG_POWER10_CPU
(bsc#1194869).
* powerpc/lib/sstep: Do not use __{get/put}_user() on kernel addresses
(bsc#1194869).
* powerpc/lib/sstep: Remove unneeded #ifdef **powerpc64** (bsc#1194869).
* powerpc/lib/sstep: Use l1_dcache_bytes() instead of opencoding
(bsc#1194869).
* powerpc/lib/sstep: use truncate_if_32bit() (bsc#1194869).
* powerpc/pseries/iommu: IOMMU table is not initialized for kdump over SR-IOV
(bsc#1220492 ltc#205270).
* powerpc/pseries: Fix potential memleak in papr_get_attr() (bsc#1200465
ltc#197256 jsc#SLE-18130 git-fixes).
* powerpc/sstep: Use bitwise instead of arithmetic operator for flags
(bsc#1194869).
* powerpc: add compile-time support for lbarx, lharx (bsc#1194869).
* pwm: mediatek: Update kernel doc for struct pwm_mediatek_of_data (git-
fixes).
* qedf: Do not process stag work during unload (bsc#1214852).
* qedf: Wait for stag work during unload (bsc#1214852).
* raid1: fix use-after-free for original bio in raid1_write_request()
(bsc#1221097).
* ras/amd/fmpm: Add debugfs interface to print record entries (jsc#PED-7619).
* ras/amd/fmpm: Avoid NULL ptr deref in get_saved_records() (jsc#PED-7619).
* ras/amd/fmpm: Fix build when debugfs is not enabled (jsc#PED-7619).
* ras/amd/fmpm: Fix off by one when unwinding on error (jsc#PED-7619).
* ras/amd/fmpm: Safely handle saved records of various sizes (jsc#PED-7619).
* ras/amd/fmpm: Save SPA values (jsc#PED-7619).
* ras: Avoid build errors when CONFIG_DEBUG_FS=n (git-fixes).
* ras: export helper to get ras_debugfs_dir (jsc#PED-7619).
* rdma/device: Fix a race between mad_client and cm_client init (git-fixes)
* rdma/hns: fix mis-modifying default congestion control algorithm (git-fixes)
* rdma/ipoib: Fix error code return in ipoib_mcast_join (git-fixes)
* rdma/irdma: Remove duplicate assignment (git-fixes)
* rdma/mana_ib: Fix bug in creation of dma regions (git-fixes).
* rdma/mlx5: fix fortify source warning while accessing Eth segment (git-
fixes)
* rdma/mlx5: relax DEVX access upon modify commands (git-fixes)
* rdma/rtrs-clt: Check strnlen return len in sysfs mpath_policy_store() (git-
fixes)
* rdma/srpt: do not register event handler until srpt device is fully setup
(git-fixes)
* revert "PCI: tegra194: Enable support for 256 Byte payload" (git-fixes).
* revert "Revert "drm/amdgpu/display: change pipe policy for DCN 2.0"" (git-
fixes).
* revert "SUNRPC dont update timeout value on connection reset" (git-fixes).
* revert "drm/amd: Disable PSR-SU on Parade 0803 TCON" (git-fixes).
* revert "drm/amd: Disable S/G for APUs when 64GB or more host memory" (git-
fixes).
* revert "drm/amdgpu/display: change pipe policy for DCN 2.0" (git-fixes).
* revert "drm/amdgpu/display: change pipe policy for DCN 2.1" (git-fixes).
* revert "drm/vc4: hdmi: Enforce the minimum rate at runtime_resume" (git-
fixes).
* revert "fbdev: flush deferred IO before closing (git-fixes)." (bsc#1221814)
* ring-buffer: Clean ring_buffer_poll_wait() error return (git-fixes).
* rtc: mt6397: select IRQ_DOMAIN instead of depending on it (git-fixes).
* s390/pai: fix attr_event_free upper limit for pai device drivers (git-fixes
bsc#1221633).
* s390/vfio-ap: realize the VFIO_DEVICE_GET_IRQ_INFO ioctl (bsc#1205316).
* s390/vfio-ap: realize the VFIO_DEVICE_SET_IRQS ioctl (bsc#1205316).
* s390/vfio-ap: wire in the vfio_device_ops request callback (bsc#1205316).
* s390/vtime: fix average steal time calculation (git-fixes bsc#1221951).
* sched/rt: Disallow writing invalid values to sched_rt_period_us
(bsc#1220176).
* sched/rt: sysctl_sched_rr_timeslice show default timeslice after reset
(bsc#1220176).
* scsi: lpfc: Copyright updates for 14.4.0.1 patches (bsc#1221777).
* scsi: lpfc: Correct size for cmdwqe/rspwqe for memset() (bsc#1221777).
* scsi: lpfc: Correct size for wqe for memset() (bsc#1221777).
* scsi: lpfc: Define lpfc_dmabuf type for ctx_buf ptr (bsc#1221777).
* scsi: lpfc: Define lpfc_nodelist type for ctx_ndlp ptr (bsc#1221777).
* scsi: lpfc: Define types in a union for generic void *context3 ptr
(bsc#1221777).
* scsi: lpfc: Move NPIV's transport unregistration to after resource clean up
(bsc#1221777).
* scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up()
(bsc#1221777).
* scsi: lpfc: Remove IRQF_ONESHOT flag from threaded IRQ handling (bsc#1221777
bsc#1217959).
* scsi: lpfc: Remove unnecessary log message in queuecommand path
(bsc#1221777).
* scsi: lpfc: Replace hbalock with ndlp lock in lpfc_nvme_unregister_port()
(bsc#1221777).
* scsi: lpfc: Update lpfc version to 14.4.0.1 (bsc#1221777).
* scsi: lpfc: Update lpfc_ramp_down_queue_handler() logic (bsc#1221777).
* scsi: lpfc: Use a dedicated lock for ras_fwlog state (bsc#1221777).
* scsi: qedf: Remove set but unused variable 'page' (bsc#1214852).
* scsi: qedf: Remove unused 'num_handled' variable (bsc#1214852).
* scsi: qedf: Remove unused declaration (bsc#1214852).
* scsi: qla2xxx: Change debug message during driver unload (bsc1221816).
* scsi: qla2xxx: Delay I/O Abort on PCI error (bsc1221816).
* scsi: qla2xxx: Fix N2N stuck connection (bsc1221816).
* scsi: qla2xxx: Fix command flush on cable pull (bsc1221816).
* scsi: qla2xxx: Fix double free of fcport (bsc1221816).
* scsi: qla2xxx: Fix double free of the ha->vp_map pointer (bsc1221816).
* scsi: qla2xxx: NVME|FCP prefer flag not being honored (bsc1221816).
* scsi: qla2xxx: Prevent command send on chip reset (bsc1221816).
* scsi: qla2xxx: Split FCE|EFT trace control (bsc1221816).
* scsi: qla2xxx: Update manufacturer detail (bsc1221816).
* scsi: qla2xxx: Update version to 10.02.09.200-k (bsc1221816).
* scsi: storvsc: Fix ring buffer size calculation (git-fixes).
* scsi: target: core: Silence the message about unknown VPD pages
(bsc#1221252).
* selftests/bpf: add generic BPF program tester-loader (bsc#1222033).
* serial: 8250_exar: Do not remove GPIO device on suspend (git-fixes).
* serial: max310x: fix syntax error in IRQ error message (git-fixes).
* slimbus: core: Remove usage of the deprecated ida_simple_xx() API (git-
fixes).
* soc: fsl: qbman: Always disable interrupts when taking cgr_lock (git-fixes).
* spi: lm70llp: fix links in doc and comments (git-fixes).
* spi: spi-mt65xx: Fix NULL pointer access in interrupt handler (git-fixes).
* sr9800: Add check for usbnet_get_endpoints (git-fixes).
* stackdepot: rename pool_index to pool_index_plus_1 (git-fixes).
* staging: vc04_services: fix information leak in create_component() (git-
fixes).
* sunrpc: Add an IS_ERR() check back to where it was (git-fixes).
* sunrpc: ECONNRESET might require a rebind (git-fixes).
* sunrpc: Fix RPC client cleaned up the freed pipefs dentries (git-fixes).
* sunrpc: Fix a suspicious RCU usage warning (git-fixes).
* sunrpc: fix a memleak in gss_import_v2_context (git-fixes).
* sunrpc: fix some memleaks in gssx_dec_option_array (git-fixes).
* svcrdma: Drop connection after an RDMA Read error (git-fixes).
* topology/sysfs: Hide PPIN on systems that do not support it (jsc#PED-7618).
* topology: Fix up build warning in topology_is_visible() (jsc#PED-7618).
* tracing/probes: Fix to show a parse error for bad type for $comm (git-
fixes).
* tracing: Fix wasted memory in saved_cmdlines logic (git-fixes).
* tracing: Inform kmemleak of saved_cmdlines allocation (git-fixes).
* tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc (bsc#1222619).
* tty: serial: fsl_lpuart: avoid idle preamble pending if CTS is enabled (git-
fixes).
* tty: serial: samsung: fix tx_empty() to return TIOCSER_TEMT (git-fixes).
* tty: vt: fix 20 vs 0x20 typo in EScsiignore (git-fixes).
* ubifs: Queue up space reservation tasks if retrying many times (git-fixes).
* ubifs: Remove unreachable code in dbg_check_ltab_lnum (git-fixes).
* ubifs: Set page uptodate in the correct place (git-fixes).
* ubifs: dbg_check_idx_size: Fix kmemleak if loading znode failed (git-fixes).
* ubifs: fix sort function prototype (git-fixes).
* usb: audio-v2: Correct comments for struct uac_clock_selector_descriptor
(git-fixes).
* usb: cdc-wdm: close race between read and workqueue (git-fixes).
* usb: core: Fix deadlock in usb_deauthorize_interface() (git-fixes).
* usb: dwc2: gadget: Fix exiting from clock gating (git-fixes).
* usb: dwc2: gadget: LPM flow fix (git-fixes).
* usb: dwc2: host: Fix ISOC flow in DDMA mode (git-fixes).
* usb: dwc2: host: Fix hibernation flow (git-fixes).
* usb: dwc2: host: Fix remote wakeup from hibernation (git-fixes).
* usb: dwc3: Properly set system wakeup (git-fixes).
* usb: f_mass_storage: forbid async queue when shutdown happen (git-fixes).
* usb: gadget: ncm: Fix handling of zero block length packets (git-fixes).
* usb: gadget: net2272: Use irqflags in the call to net2272_probe_fin (git-
fixes).
* usb: hub: Replace hardcoded quirk value with BIT() macro (git-fixes).
* usb: port: Do not try to peer unused USB ports based on location (git-
fixes).
* usb: typec: Return size of buffer if pd_set operation succeeds (git-fixes).
* usb: typec: ucsi: Check for notifications after init (git-fixes).
* usb: typec: ucsi: Clean up UCSI_CABLE_PROP macros (git-fixes).
* usb: typec: ucsi: Clear EVENT_PENDING under PPM lock (git-fixes).
* usb: usb-storage: Prevent divide-by-0 error in isd200_ata_command (git-
fixes).
* usb: xhci: Add error handling in xhci_map_urb_for_dma (git-fixes).
* vboxsf: Avoid an spurious warning if load_nls_xxx() fails (git-fixes).
* vt: fix unicode buffer corruption when deleting characters (git-fixes).
* watchdog: stm32_iwdg: initialize default timeout (git-fixes).
* wifi: ath10k: fix NULL pointer dereference in
ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() (git-fixes).
* wifi: ath11k: decrease MHI channel buffer length to 8KB (bsc#1207948).
* wifi: ath11k: initialize rx_mcs_80 and rx_mcs_160 before use (git-fixes).
* wifi: ath9k: delay all of ath9k_wmi_event_tasklet() until init is complete
(git-fixes).
* wifi: b43: Disable QoS for bcm4331 (git-fixes).
* wifi: b43: Stop correct queue in DMA worker when QoS is disabled (git-
fixes).
* wifi: b43: Stop/wake correct queue in DMA Tx path when QoS is disabled (git-
fixes).
* wifi: b43: Stop/wake correct queue in PIO Tx path when QoS is disabled (git-
fixes).
* wifi: brcmfmac: fix copyright year mentioned in platform_data header (git-
fixes).
* wifi: brcmsmac: avoid function pointer casts (git-fixes).
* wifi: iwlwifi: dbg-tlv: ensure NUL termination (git-fixes).
* wifi: iwlwifi: fix EWRD table validity check (git-fixes).
* wifi: iwlwifi: fw: do not always use FW dump trig (git-fixes).
* wifi: iwlwifi: mvm: do not set replay counters to 0xff (git-fixes).
* wifi: iwlwifi: mvm: report beacon protection failures (git-fixes).
* wifi: iwlwifi: mvm: rfi: fix potential response leaks (git-fixes).
* wifi: iwlwifi: mvm: use FW rate for non-data only on new devices (git-
fixes).
* wifi: libertas: fix some memleaks in lbs_allocate_cmd_buffer() (git-fixes).
* wifi: mwifiex: debugfs: Drop unnecessary error check for
debugfs_create_dir() (git-fixes).
* wifi: rtl8xxxu: add cancel_work_sync() for c2hcmd_work (git-fixes).
* wifi: rtw88: 8821c: Fix false alarm count (git-fixes).
* wifi: wilc1000: fix RCU usage in connect path (git-fixes).
* wifi: wilc1000: fix declarations ordering (stable-fixes).
* wifi: wilc1000: fix multi-vif management when deleting a vif (git-fixes).
* wifi: wilc1000: prevent use-after-free on vif when cleaning up all
interfaces (git-fixes).
* x86/CPU/AMD: Update the Zenbleed microcode revisions (git-fixes).
* x86/bugs: Fix the SRSO mitigation on Zen3/4 (git-fixes).
* x86/fpu: Keep xfd_state in sync with MSR_IA32_XFD (git-fixes).
* xhci: handle isoc Babble and Buffer Overrun events properly (git-fixes).
* xhci: process isoc TD properly when there was a transaction error mid TD
(git-fixes).

## Special Instructions and Notes:

* Please reboot the system after installing this update.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
zypper in -t patch SUSE-2024-1322=1 openSUSE-SLE-15.5-2024-1322=1

* SUSE Linux Enterprise Micro 5.5
zypper in -t patch SUSE-SLE-Micro-5.5-2024-1322=1

* SUSE Linux Enterprise Live Patching 15-SP5
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-1322=1

* SUSE Real Time Module 15-SP5
zypper in -t patch SUSE-SLE-Module-RT-15-SP5-2024-1322=1

## Package List:

* openSUSE Leap 15.5 (noarch)
* kernel-devel-rt-5.14.21-150500.13.43.1
* kernel-source-rt-5.14.21-150500.13.43.1
* openSUSE Leap 15.5 (x86_64)
* kernel-rt-vdso-5.14.21-150500.13.43.1
* gfs2-kmp-rt-5.14.21-150500.13.43.1
* kernel-rt_debug-devel-5.14.21-150500.13.43.1
* cluster-md-kmp-rt-5.14.21-150500.13.43.1
* kernel-livepatch-5_14_21-150500_13_43-rt-1-150500.11.5.1
* kernel-rt_debug-vdso-debuginfo-5.14.21-150500.13.43.1
* kernel-rt-debuginfo-5.14.21-150500.13.43.1
* kselftests-kmp-rt-5.14.21-150500.13.43.1
* ocfs2-kmp-rt-5.14.21-150500.13.43.1
* kernel-rt-devel-debuginfo-5.14.21-150500.13.43.1
* kernel-rt-livepatch-5.14.21-150500.13.43.1
* kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo-1-150500.11.5.1
* kernel-rt-extra-debuginfo-5.14.21-150500.13.43.1
* dlm-kmp-rt-debuginfo-5.14.21-150500.13.43.1
* reiserfs-kmp-rt-debuginfo-5.14.21-150500.13.43.1
* kernel-rt-extra-5.14.21-150500.13.43.1
* kernel-rt-optional-debuginfo-5.14.21-150500.13.43.1
* kernel-rt_debug-livepatch-devel-5.14.21-150500.13.43.1
* kernel-syms-rt-5.14.21-150500.13.43.1
* gfs2-kmp-rt-debuginfo-5.14.21-150500.13.43.1
* ocfs2-kmp-rt-debuginfo-5.14.21-150500.13.43.1
* kernel-rt_debug-debugsource-5.14.21-150500.13.43.1
* kernel-rt-debugsource-5.14.21-150500.13.43.1
* kernel-rt-vdso-debuginfo-5.14.21-150500.13.43.1
* dlm-kmp-rt-5.14.21-150500.13.43.1
* cluster-md-kmp-rt-debuginfo-5.14.21-150500.13.43.1
* kernel-rt_debug-debuginfo-5.14.21-150500.13.43.1
* kselftests-kmp-rt-debuginfo-5.14.21-150500.13.43.1
* kernel-rt-optional-5.14.21-150500.13.43.1
* kernel-rt-devel-5.14.21-150500.13.43.1
* kernel-rt_debug-devel-debuginfo-5.14.21-150500.13.43.1
* kernel-rt_debug-vdso-5.14.21-150500.13.43.1
* kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource-1-150500.11.5.1
* kernel-rt-livepatch-devel-5.14.21-150500.13.43.1
* reiserfs-kmp-rt-5.14.21-150500.13.43.1
* openSUSE Leap 15.5 (nosrc x86_64)
* kernel-rt_debug-5.14.21-150500.13.43.1
* kernel-rt-5.14.21-150500.13.43.1
* SUSE Linux Enterprise Micro 5.5 (nosrc x86_64)
* kernel-rt-5.14.21-150500.13.43.1
* SUSE Linux Enterprise Micro 5.5 (x86_64)
* kernel-rt-debuginfo-5.14.21-150500.13.43.1
* kernel-rt-debugsource-5.14.21-150500.13.43.1
* SUSE Linux Enterprise Micro 5.5 (noarch)
* kernel-source-rt-5.14.21-150500.13.43.1
* SUSE Linux Enterprise Live Patching 15-SP5 (x86_64)
* kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource-1-150500.11.5.1
* kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo-1-150500.11.5.1
* kernel-livepatch-5_14_21-150500_13_43-rt-1-150500.11.5.1
* SUSE Real Time Module 15-SP5 (x86_64)
* kernel-rt-vdso-5.14.21-150500.13.43.1
* gfs2-kmp-rt-5.14.21-150500.13.43.1
* kernel-rt_debug-devel-5.14.21-150500.13.43.1
* cluster-md-kmp-rt-5.14.21-150500.13.43.1
* kernel-rt_debug-vdso-debuginfo-5.14.21-150500.13.43.1
* kernel-rt-debuginfo-5.14.21-150500.13.43.1
* ocfs2-kmp-rt-5.14.21-150500.13.43.1
* kernel-rt-devel-debuginfo-5.14.21-150500.13.43.1
* dlm-kmp-rt-debuginfo-5.14.21-150500.13.43.1
* kernel-syms-rt-5.14.21-150500.13.43.1
* gfs2-kmp-rt-debuginfo-5.14.21-150500.13.43.1
* ocfs2-kmp-rt-debuginfo-5.14.21-150500.13.43.1
* kernel-rt_debug-debugsource-5.14.21-150500.13.43.1
* kernel-rt-debugsource-5.14.21-150500.13.43.1
* kernel-rt-vdso-debuginfo-5.14.21-150500.13.43.1
* dlm-kmp-rt-5.14.21-150500.13.43.1
* cluster-md-kmp-rt-debuginfo-5.14.21-150500.13.43.1
* kernel-rt_debug-debuginfo-5.14.21-150500.13.43.1
* kernel-rt-devel-5.14.21-150500.13.43.1
* kernel-rt_debug-devel-debuginfo-5.14.21-150500.13.43.1
* kernel-rt_debug-vdso-5.14.21-150500.13.43.1
* SUSE Real Time Module 15-SP5 (noarch)
* kernel-devel-rt-5.14.21-150500.13.43.1
* kernel-source-rt-5.14.21-150500.13.43.1
* SUSE Real Time Module 15-SP5 (nosrc x86_64)
* kernel-rt_debug-5.14.21-150500.13.43.1
* kernel-rt-5.14.21-150500.13.43.1

## References:

* https://www.suse.com/security/cve/CVE-2021-46925.html
* https://www.suse.com/security/cve/CVE-2021-46926.html
* https://www.suse.com/security/cve/CVE-2021-46927.html
* https://www.suse.com/security/cve/CVE-2021-46929.html
* https://www.suse.com/security/cve/CVE-2021-46930.html
* https://www.suse.com/security/cve/CVE-2021-46931.html
* https://www.suse.com/security/cve/CVE-2021-46933.html
* https://www.suse.com/security/cve/CVE-2021-46934.html
* https://www.suse.com/security/cve/CVE-2021-46936.html
* https://www.suse.com/security/cve/CVE-2021-47082.html
* https://www.suse.com/security/cve/CVE-2021-47083.html
* https://www.suse.com/security/cve/CVE-2021-47087.html
* https://www.suse.com/security/cve/CVE-2021-47091.html
* https://www.suse.com/security/cve/CVE-2021-47093.html
* https://www.suse.com/security/cve/CVE-2021-47094.html
* https://www.suse.com/security/cve/CVE-2021-47095.html
* https://www.suse.com/security/cve/CVE-2021-47096.html
* https://www.suse.com/security/cve/CVE-2021-47097.html
* https://www.suse.com/security/cve/CVE-2021-47098.html
* https://www.suse.com/security/cve/CVE-2021-47099.html
* https://www.suse.com/security/cve/CVE-2021-47100.html
* https://www.suse.com/security/cve/CVE-2021-47101.html
* https://www.suse.com/security/cve/CVE-2021-47102.html
* https://www.suse.com/security/cve/CVE-2021-47104.html
* https://www.suse.com/security/cve/CVE-2021-47105.html
* https://www.suse.com/security/cve/CVE-2021-47107.html
* https://www.suse.com/security/cve/CVE-2021-47108.html
* https://www.suse.com/security/cve/CVE-2022-4744.html
* https://www.suse.com/security/cve/CVE-2022-48626.html
* https://www.suse.com/security/cve/CVE-2022-48627.html
* https://www.suse.com/security/cve/CVE-2022-48628.html
* https://www.suse.com/security/cve/CVE-2022-48629.html
* https://www.suse.com/security/cve/CVE-2022-48630.html
* https://www.suse.com/security/cve/CVE-2023-0160.html
* https://www.suse.com/security/cve/CVE-2023-28746.html
* https://www.suse.com/security/cve/CVE-2023-35827.html
* https://www.suse.com/security/cve/CVE-2023-4881.html
* https://www.suse.com/security/cve/CVE-2023-52447.html
* https://www.suse.com/security/cve/CVE-2023-52450.html
* https://www.suse.com/security/cve/CVE-2023-52453.html
* https://www.suse.com/security/cve/CVE-2023-52454.html
* https://www.suse.com/security/cve/CVE-2023-52462.html
* https://www.suse.com/security/cve/CVE-2023-52463.html
* https://www.suse.com/security/cve/CVE-2023-52467.html
* https://www.suse.com/security/cve/CVE-2023-52469.html
* https://www.suse.com/security/cve/CVE-2023-52470.html
* https://www.suse.com/security/cve/CVE-2023-52474.html
* https://www.suse.com/security/cve/CVE-2023-52476.html
* https://www.suse.com/security/cve/CVE-2023-52477.html
* https://www.suse.com/security/cve/CVE-2023-52481.html
* https://www.suse.com/security/cve/CVE-2023-52482.html
* https://www.suse.com/security/cve/CVE-2023-52484.html
* https://www.suse.com/security/cve/CVE-2023-52486.html
* https://www.suse.com/security/cve/CVE-2023-52492.html
* https://www.suse.com/security/cve/CVE-2023-52493.html
* https://www.suse.com/security/cve/CVE-2023-52494.html
* https://www.suse.com/security/cve/CVE-2023-52497.html
* https://www.suse.com/security/cve/CVE-2023-52500.html
* https://www.suse.com/security/cve/CVE-2023-52501.html
* https://www.suse.com/security/cve/CVE-2023-52502.html
* https://www.suse.com/security/cve/CVE-2023-52504.html
* https://www.suse.com/security/cve/CVE-2023-52507.html
* https://www.suse.com/security/cve/CVE-2023-52508.html
* https://www.suse.com/security/cve/CVE-2023-52509.html
* https://www.suse.com/security/cve/CVE-2023-52510.html
* https://www.suse.com/security/cve/CVE-2023-52511.html
* https://www.suse.com/security/cve/CVE-2023-52513.html
* https://www.suse.com/security/cve/CVE-2023-52515.html
* https://www.suse.com/security/cve/CVE-2023-52517.html
* https://www.suse.com/security/cve/CVE-2023-52518.html
* https://www.suse.com/security/cve/CVE-2023-52519.html
* https://www.suse.com/security/cve/CVE-2023-52520.html
* https://www.suse.com/security/cve/CVE-2023-52523.html
* https://www.suse.com/security/cve/CVE-2023-52524.html
* https://www.suse.com/security/cve/CVE-2023-52525.html
* https://www.suse.com/security/cve/CVE-2023-52528.html
* https://www.suse.com/security/cve/CVE-2023-52529.html
* https://www.suse.com/security/cve/CVE-2023-52530.html
* https://www.suse.com/security/cve/CVE-2023-52531.html
* https://www.suse.com/security/cve/CVE-2023-52532.html
* https://www.suse.com/security/cve/CVE-2023-52559.html
* https://www.suse.com/security/cve/CVE-2023-52563.html
* https://www.suse.com/security/cve/CVE-2023-52564.html
* https://www.suse.com/security/cve/CVE-2023-52566.html
* https://www.suse.com/security/cve/CVE-2023-52567.html
* https://www.suse.com/security/cve/CVE-2023-52569.html
* https://www.suse.com/security/cve/CVE-2023-52574.html
* https://www.suse.com/security/cve/CVE-2023-52575.html
* https://www.suse.com/security/cve/CVE-2023-52576.html
* https://www.suse.com/security/cve/CVE-2023-52582.html
* https://www.suse.com/security/cve/CVE-2023-52583.html
* https://www.suse.com/security/cve/CVE-2023-52587.html
* https://www.suse.com/security/cve/CVE-2023-52591.html
* https://www.suse.com/security/cve/CVE-2023-52594.html
* https://www.suse.com/security/cve/CVE-2023-52595.html
* https://www.suse.com/security/cve/CVE-2023-52597.html
* https://www.suse.com/security/cve/CVE-2023-52598.html
* https://www.suse.com/security/cve/CVE-2023-52599.html
* https://www.suse.com/security/cve/CVE-2023-52600.html
* https://www.suse.com/security/cve/CVE-2023-52601.html
* https://www.suse.com/security/cve/CVE-2023-52602.html
* https://www.suse.com/security/cve/CVE-2023-52603.html
* https://www.suse.com/security/cve/CVE-2023-52604.html
* https://www.suse.com/security/cve/CVE-2023-52605.html
* https://www.suse.com/security/cve/CVE-2023-52606.html
* https://www.suse.com/security/cve/CVE-2023-52607.html
* https://www.suse.com/security/cve/CVE-2023-52608.html
* https://www.suse.com/security/cve/CVE-2023-52612.html
* https://www.suse.com/security/cve/CVE-2023-52615.html
* https://www.suse.com/security/cve/CVE-2023-52617.html
* https://www.suse.com/security/cve/CVE-2023-52619.html
* https://www.suse.com/security/cve/CVE-2023-52621.html
* https://www.suse.com/security/cve/CVE-2023-52623.html
* https://www.suse.com/security/cve/CVE-2023-52628.html
* https://www.suse.com/security/cve/CVE-2023-52632.html
* https://www.suse.com/security/cve/CVE-2023-52637.html
* https://www.suse.com/security/cve/CVE-2023-52639.html
* https://www.suse.com/security/cve/CVE-2023-6270.html
* https://www.suse.com/security/cve/CVE-2023-6356.html
* https://www.suse.com/security/cve/CVE-2023-6535.html
* https://www.suse.com/security/cve/CVE-2023-6536.html
* https://www.suse.com/security/cve/CVE-2023-7042.html
* https://www.suse.com/security/cve/CVE-2023-7192.html
* https://www.suse.com/security/cve/CVE-2024-0841.html
* https://www.suse.com/security/cve/CVE-2024-2201.html
* https://www.suse.com/security/cve/CVE-2024-22099.html
* https://www.suse.com/security/cve/CVE-2024-23307.html
* https://www.suse.com/security/cve/CVE-2024-25739.html
* https://www.suse.com/security/cve/CVE-2024-25742.html
* https://www.suse.com/security/cve/CVE-2024-26599.html
* https://www.suse.com/security/cve/CVE-2024-26600.html
* https://www.suse.com/security/cve/CVE-2024-26602.html
* https://www.suse.com/security/cve/CVE-2024-26607.html
* https://www.suse.com/security/cve/CVE-2024-26612.html
* https://www.suse.com/security/cve/CVE-2024-26614.html
* https://www.suse.com/security/cve/CVE-2024-26620.html
* https://www.suse.com/security/cve/CVE-2024-26627.html
* https://www.suse.com/security/cve/CVE-2024-26629.html
* https://www.suse.com/security/cve/CVE-2024-26642.html
* https://www.suse.com/security/cve/CVE-2024-26645.html
* https://www.suse.com/security/cve/CVE-2024-26646.html
* https://www.suse.com/security/cve/CVE-2024-26651.html
* https://www.suse.com/security/cve/CVE-2024-26654.html
* https://www.suse.com/security/cve/CVE-2024-26659.html
* https://www.suse.com/security/cve/CVE-2024-26664.html
* https://www.suse.com/security/cve/CVE-2024-26667.html
* https://www.suse.com/security/cve/CVE-2024-26670.html
* https://www.suse.com/security/cve/CVE-2024-26695.html
* https://www.suse.com/security/cve/CVE-2024-26717.html
* https://bugzilla.suse.com/show_bug.cgi?id=1194869
* https://bugzilla.suse.com/show_bug.cgi?id=1200465
* https://bugzilla.suse.com/show_bug.cgi?id=1205316
* https://bugzilla.suse.com/show_bug.cgi?id=1207948
* https://bugzilla.suse.com/show_bug.cgi?id=1209635
* https://bugzilla.suse.com/show_bug.cgi?id=1209657
* https://bugzilla.suse.com/show_bug.cgi?id=1212514
* https://bugzilla.suse.com/show_bug.cgi?id=1213456
* https://bugzilla.suse.com/show_bug.cgi?id=1214852
* https://bugzilla.suse.com/show_bug.cgi?id=1215221
* https://bugzilla.suse.com/show_bug.cgi?id=1215322
* https://bugzilla.suse.com/show_bug.cgi?id=1217339
* https://bugzilla.suse.com/show_bug.cgi?id=1217959
* https://bugzilla.suse.com/show_bug.cgi?id=1217987
* https://bugzilla.suse.com/show_bug.cgi?id=1217988
* https://bugzilla.suse.com/show_bug.cgi?id=1217989
* https://bugzilla.suse.com/show_bug.cgi?id=1218321
* https://bugzilla.suse.com/show_bug.cgi?id=1218336
* https://bugzilla.suse.com/show_bug.cgi?id=1218479
* https://bugzilla.suse.com/show_bug.cgi?id=1218562
* https://bugzilla.suse.com/show_bug.cgi?id=1218643
* https://bugzilla.suse.com/show_bug.cgi?id=1218777
* https://bugzilla.suse.com/show_bug.cgi?id=1219169
* https://bugzilla.suse.com/show_bug.cgi?id=1219170
* https://bugzilla.suse.com/show_bug.cgi?id=1219264
* https://bugzilla.suse.com/show_bug.cgi?id=1219834
* https://bugzilla.suse.com/show_bug.cgi?id=1220114
* https://bugzilla.suse.com/show_bug.cgi?id=1220176
* https://bugzilla.suse.com/show_bug.cgi?id=1220237
* https://bugzilla.suse.com/show_bug.cgi?id=1220251
* https://bugzilla.suse.com/show_bug.cgi?id=1220320
* https://bugzilla.suse.com/show_bug.cgi?id=1220325
* https://bugzilla.suse.com/show_bug.cgi?id=1220328
* https://bugzilla.suse.com/show_bug.cgi?id=1220337
* https://bugzilla.suse.com/show_bug.cgi?id=1220340
* https://bugzilla.suse.com/show_bug.cgi?id=1220365
* https://bugzilla.suse.com/show_bug.cgi?id=1220366
* https://bugzilla.suse.com/show_bug.cgi?id=1220398
* https://bugzilla.suse.com/show_bug.cgi?id=1220411
* https://bugzilla.suse.com/show_bug.cgi?id=1220413
* https://bugzilla.suse.com/show_bug.cgi?id=1220433
* https://bugzilla.suse.com/show_bug.cgi?id=1220439
* https://bugzilla.suse.com/show_bug.cgi?id=1220443
* https://bugzilla.suse.com/show_bug.cgi?id=1220445
* https://bugzilla.suse.com/show_bug.cgi?id=1220466
* https://bugzilla.suse.com/show_bug.cgi?id=1220469
* https://bugzilla.suse.com/show_bug.cgi?id=1220478
* https://bugzilla.suse.com/show_bug.cgi?id=1220482
* https://bugzilla.suse.com/show_bug.cgi?id=1220484
* https://bugzilla.suse.com/show_bug.cgi?id=1220486
* https://bugzilla.suse.com/show_bug.cgi?id=1220487
* https://bugzilla.suse.com/show_bug.cgi?id=1220492
* https://bugzilla.suse.com/show_bug.cgi?id=1220703
* https://bugzilla.suse.com/show_bug.cgi?id=1220735
* https://bugzilla.suse.com/show_bug.cgi?id=1220736
* https://bugzilla.suse.com/show_bug.cgi?id=1220775
* https://bugzilla.suse.com/show_bug.cgi?id=1220790
* https://bugzilla.suse.com/show_bug.cgi?id=1220797
* https://bugzilla.suse.com/show_bug.cgi?id=1220831
* https://bugzilla.suse.com/show_bug.cgi?id=1220833
* https://bugzilla.suse.com/show_bug.cgi?id=1220836
* https://bugzilla.suse.com/show_bug.cgi?id=1220839
* https://bugzilla.suse.com/show_bug.cgi?id=1220840
* https://bugzilla.suse.com/show_bug.cgi?id=1220843
* https://bugzilla.suse.com/show_bug.cgi?id=1220845
* https://bugzilla.suse.com/show_bug.cgi?id=1220848
* https://bugzilla.suse.com/show_bug.cgi?id=1220870
* https://bugzilla.suse.com/show_bug.cgi?id=1220871
* https://bugzilla.suse.com/show_bug.cgi?id=1220872
* https://bugzilla.suse.com/show_bug.cgi?id=1220878
* https://bugzilla.suse.com/show_bug.cgi?id=1220879
* https://bugzilla.suse.com/show_bug.cgi?id=1220883
* https://bugzilla.suse.com/show_bug.cgi?id=1220885
* https://bugzilla.suse.com/show_bug.cgi?id=1220887
* https://bugzilla.suse.com/show_bug.cgi?id=1220898
* https://bugzilla.suse.com/show_bug.cgi?id=1220917
* https://bugzilla.suse.com/show_bug.cgi?id=1220918
* https://bugzilla.suse.com/show_bug.cgi?id=1220920
* https://bugzilla.suse.com/show_bug.cgi?id=1220921
* https://bugzilla.suse.com/show_bug.cgi?id=1220926
* https://bugzilla.suse.com/show_bug.cgi?id=1220927
* https://bugzilla.suse.com/show_bug.cgi?id=1220929
* https://bugzilla.suse.com/show_bug.cgi?id=1220930
* https://bugzilla.suse.com/show_bug.cgi?id=1220931
* https://bugzilla.suse.com/show_bug.cgi?id=1220932
* https://bugzilla.suse.com/show_bug.cgi?id=1220933
* https://bugzilla.suse.com/show_bug.cgi?id=1220937
* https://bugzilla.suse.com/show_bug.cgi?id=1220938
* https://bugzilla.suse.com/show_bug.cgi?id=1220940
* https://bugzilla.suse.com/show_bug.cgi?id=1220954
* https://bugzilla.suse.com/show_bug.cgi?id=1220955
* https://bugzilla.suse.com/show_bug.cgi?id=1220959
* https://bugzilla.suse.com/show_bug.cgi?id=1220960
* https://bugzilla.suse.com/show_bug.cgi?id=1220961
* https://bugzilla.suse.com/show_bug.cgi?id=1220965
* https://bugzilla.suse.com/show_bug.cgi?id=1220969
* https://bugzilla.suse.com/show_bug.cgi?id=1220978
* https://bugzilla.suse.com/show_bug.cgi?id=1220979
* https://bugzilla.suse.com/show_bug.cgi?id=1220981
* https://bugzilla.suse.com/show_bug.cgi?id=1220982
* https://bugzilla.suse.com/show_bug.cgi?id=1220983
* https://bugzilla.suse.com/show_bug.cgi?id=1220985
* https://bugzilla.suse.com/show_bug.cgi?id=1220986
* https://bugzilla.suse.com/show_bug.cgi?id=1220987
* https://bugzilla.suse.com/show_bug.cgi?id=1220989
* https://bugzilla.suse.com/show_bug.cgi?id=1220990
* https://bugzilla.suse.com/show_bug.cgi?id=1221009
* https://bugzilla.suse.com/show_bug.cgi?id=1221012
* https://bugzilla.suse.com/show_bug.cgi?id=1221015
* https://bugzilla.suse.com/show_bug.cgi?id=1221022
* https://bugzilla.suse.com/show_bug.cgi?id=1221039
* https://bugzilla.suse.com/show_bug.cgi?id=1221040
* https://bugzilla.suse.com/show_bug.cgi?id=1221044
* https://bugzilla.suse.com/show_bug.cgi?id=1221045
* https://bugzilla.suse.com/show_bug.cgi?id=1221046
* https://bugzilla.suse.com/show_bug.cgi?id=1221048
* https://bugzilla.suse.com/show_bug.cgi?id=1221055
* https://bugzilla.suse.com/show_bug.cgi?id=1221056
* https://bugzilla.suse.com/show_bug.cgi?id=1221058
* https://bugzilla.suse.com/show_bug.cgi?id=1221060
* https://bugzilla.suse.com/show_bug.cgi?id=1221061
* https://bugzilla.suse.com/show_bug.cgi?id=1221062
* https://bugzilla.suse.com/show_bug.cgi?id=1221066
* https://bugzilla.suse.com/show_bug.cgi?id=1221067
* https://bugzilla.suse.com/show_bug.cgi?id=1221068
* https://bugzilla.suse.com/show_bug.cgi?id=1221069
* https://bugzilla.suse.com/show_bug.cgi?id=1221070
* https://bugzilla.suse.com/show_bug.cgi?id=1221071
* https://bugzilla.suse.com/show_bug.cgi?id=1221077
* https://bugzilla.suse.com/show_bug.cgi?id=1221082
* https://bugzilla.suse.com/show_bug.cgi?id=1221090
* https://bugzilla.suse.com/show_bug.cgi?id=1221097
* https://bugzilla.suse.com/show_bug.cgi?id=1221156
* https://bugzilla.suse.com/show_bug.cgi?id=1221252
* https://bugzilla.suse.com/show_bug.cgi?id=1221273
* https://bugzilla.suse.com/show_bug.cgi?id=1221274
* https://bugzilla.suse.com/show_bug.cgi?id=1221276
* https://bugzilla.suse.com/show_bug.cgi?id=1221277
* https://bugzilla.suse.com/show_bug.cgi?id=1221291
* https://bugzilla.suse.com/show_bug.cgi?id=1221293
* https://bugzilla.suse.com/show_bug.cgi?id=1221298
* https://bugzilla.suse.com/show_bug.cgi?id=1221337
* https://bugzilla.suse.com/show_bug.cgi?id=1221338
* https://bugzilla.suse.com/show_bug.cgi?id=1221375
* https://bugzilla.suse.com/show_bug.cgi?id=1221379
* https://bugzilla.suse.com/show_bug.cgi?id=1221551
* https://bugzilla.suse.com/show_bug.cgi?id=1221553
* https://bugzilla.suse.com/show_bug.cgi?id=1221613
* https://bugzilla.suse.com/show_bug.cgi?id=1221614
* https://bugzilla.suse.com/show_bug.cgi?id=1221616
* https://bugzilla.suse.com/show_bug.cgi?id=1221618
* https://bugzilla.suse.com/show_bug.cgi?id=1221631
* https://bugzilla.suse.com/show_bug.cgi?id=1221633
* https://bugzilla.suse.com/show_bug.cgi?id=1221713
* https://bugzilla.suse.com/show_bug.cgi?id=1221725
* https://bugzilla.suse.com/show_bug.cgi?id=1221777
* https://bugzilla.suse.com/show_bug.cgi?id=1221814
* https://bugzilla.suse.com/show_bug.cgi?id=1221816
* https://bugzilla.suse.com/show_bug.cgi?id=1221830
* https://bugzilla.suse.com/show_bug.cgi?id=1221951
* https://bugzilla.suse.com/show_bug.cgi?id=1222033
* https://bugzilla.suse.com/show_bug.cgi?id=1222056
* https://bugzilla.suse.com/show_bug.cgi?id=1222060
* https://bugzilla.suse.com/show_bug.cgi?id=1222070
* https://bugzilla.suse.com/show_bug.cgi?id=1222073
* https://bugzilla.suse.com/show_bug.cgi?id=1222117
* https://bugzilla.suse.com/show_bug.cgi?id=1222274
* https://bugzilla.suse.com/show_bug.cgi?id=1222291
* https://bugzilla.suse.com/show_bug.cgi?id=1222300
* https://bugzilla.suse.com/show_bug.cgi?id=1222304
* https://bugzilla.suse.com/show_bug.cgi?id=1222317
* https://bugzilla.suse.com/show_bug.cgi?id=1222331
* https://bugzilla.suse.com/show_bug.cgi?id=1222355
* https://bugzilla.suse.com/show_bug.cgi?id=1222356
* https://bugzilla.suse.com/show_bug.cgi?id=1222360
* https://bugzilla.suse.com/show_bug.cgi?id=1222366
* https://bugzilla.suse.com/show_bug.cgi?id=1222373
* https://bugzilla.suse.com/show_bug.cgi?id=1222619
* https://jira.suse.com/browse/PED-5759
* https://jira.suse.com/browse/PED-7167
* https://jira.suse.com/browse/PED-7618
* https://jira.suse.com/browse/PED-7619



SUSE-SU-2024:1332-1: important: Security update for the Linux Kernel


# Security update for the Linux Kernel

Announcement ID: SUSE-SU-2024:1332-1
Rating: important
References:

* bsc#1194869
* bsc#1200465
* bsc#1205316
* bsc#1207948
* bsc#1209635
* bsc#1209657
* bsc#1212514
* bsc#1213456
* bsc#1214852
* bsc#1215221
* bsc#1215322
* bsc#1217339
* bsc#1217959
* bsc#1217987
* bsc#1217988
* bsc#1217989
* bsc#1218321
* bsc#1218336
* bsc#1218479
* bsc#1218643
* bsc#1218777
* bsc#1219169
* bsc#1219170
* bsc#1219264
* bsc#1219834
* bsc#1220114
* bsc#1220176
* bsc#1220237
* bsc#1220251
* bsc#1220320
* bsc#1220337
* bsc#1220340
* bsc#1220365
* bsc#1220366
* bsc#1220398
* bsc#1220411
* bsc#1220413
* bsc#1220439
* bsc#1220443
* bsc#1220445
* bsc#1220466
* bsc#1220478
* bsc#1220482
* bsc#1220484
* bsc#1220486
* bsc#1220487
* bsc#1220492
* bsc#1220703
* bsc#1220775
* bsc#1220790
* bsc#1220797
* bsc#1220831
* bsc#1220833
* bsc#1220836
* bsc#1220839
* bsc#1220840
* bsc#1220843
* bsc#1220870
* bsc#1220871
* bsc#1220872
* bsc#1220878
* bsc#1220879
* bsc#1220883
* bsc#1220885
* bsc#1220887
* bsc#1220898
* bsc#1220918
* bsc#1220920
* bsc#1220921
* bsc#1220926
* bsc#1220927
* bsc#1220929
* bsc#1220932
* bsc#1220937
* bsc#1220938
* bsc#1220940
* bsc#1220954
* bsc#1220955
* bsc#1220959
* bsc#1220960
* bsc#1220961
* bsc#1220965
* bsc#1220969
* bsc#1220978
* bsc#1220979
* bsc#1220981
* bsc#1220982
* bsc#1220983
* bsc#1220985
* bsc#1220986
* bsc#1220987
* bsc#1220989
* bsc#1220990
* bsc#1221009
* bsc#1221012
* bsc#1221015
* bsc#1221022
* bsc#1221039
* bsc#1221040
* bsc#1221044
* bsc#1221045
* bsc#1221046
* bsc#1221048
* bsc#1221055
* bsc#1221056
* bsc#1221058
* bsc#1221060
* bsc#1221061
* bsc#1221062
* bsc#1221066
* bsc#1221067
* bsc#1221068
* bsc#1221069
* bsc#1221070
* bsc#1221071
* bsc#1221077
* bsc#1221082
* bsc#1221090
* bsc#1221097
* bsc#1221156
* bsc#1221252
* bsc#1221273
* bsc#1221274
* bsc#1221276
* bsc#1221277
* bsc#1221291
* bsc#1221293
* bsc#1221298
* bsc#1221337
* bsc#1221338
* bsc#1221375
* bsc#1221379
* bsc#1221551
* bsc#1221553
* bsc#1221613
* bsc#1221614
* bsc#1221616
* bsc#1221618
* bsc#1221631
* bsc#1221633
* bsc#1221713
* bsc#1221777
* bsc#1221814
* bsc#1221816
* bsc#1221830
* bsc#1221951
* bsc#1222033
* bsc#1222056
* bsc#1222060
* bsc#1222070
* bsc#1222073
* bsc#1222117
* bsc#1222274
* bsc#1222291
* bsc#1222300
* bsc#1222304
* bsc#1222317
* bsc#1222331
* bsc#1222355
* bsc#1222356
* bsc#1222360
* bsc#1222366
* bsc#1222373
* bsc#1222619
* jsc#PED-5759
* jsc#PED-7167
* jsc#PED-7619

Cross-References:

* CVE-2021-46925
* CVE-2021-46926
* CVE-2021-46927
* CVE-2021-46929
* CVE-2021-46930
* CVE-2021-46931
* CVE-2021-46933
* CVE-2021-46936
* CVE-2021-47082
* CVE-2021-47087
* CVE-2021-47091
* CVE-2021-47093
* CVE-2021-47094
* CVE-2021-47095
* CVE-2021-47096
* CVE-2021-47097
* CVE-2021-47098
* CVE-2021-47099
* CVE-2021-47100
* CVE-2021-47101
* CVE-2021-47102
* CVE-2021-47104
* CVE-2021-47105
* CVE-2021-47107
* CVE-2021-47108
* CVE-2022-4744
* CVE-2022-48626
* CVE-2022-48629
* CVE-2022-48630
* CVE-2023-0160
* CVE-2023-28746
* CVE-2023-35827
* CVE-2023-4881
* CVE-2023-52447
* CVE-2023-52450
* CVE-2023-52453
* CVE-2023-52454
* CVE-2023-52469
* CVE-2023-52470
* CVE-2023-52474
* CVE-2023-52476
* CVE-2023-52477
* CVE-2023-52481
* CVE-2023-52484
* CVE-2023-52486
* CVE-2023-52492
* CVE-2023-52493
* CVE-2023-52494
* CVE-2023-52497
* CVE-2023-52500
* CVE-2023-52501
* CVE-2023-52502
* CVE-2023-52504
* CVE-2023-52507
* CVE-2023-52508
* CVE-2023-52509
* CVE-2023-52510
* CVE-2023-52511
* CVE-2023-52513
* CVE-2023-52515
* CVE-2023-52517
* CVE-2023-52518
* CVE-2023-52519
* CVE-2023-52520
* CVE-2023-52523
* CVE-2023-52524
* CVE-2023-52525
* CVE-2023-52528
* CVE-2023-52529
* CVE-2023-52532
* CVE-2023-52563
* CVE-2023-52564
* CVE-2023-52566
* CVE-2023-52567
* CVE-2023-52569
* CVE-2023-52574
* CVE-2023-52575
* CVE-2023-52576
* CVE-2023-52582
* CVE-2023-52583
* CVE-2023-52587
* CVE-2023-52591
* CVE-2023-52594
* CVE-2023-52595
* CVE-2023-52597
* CVE-2023-52598
* CVE-2023-52599
* CVE-2023-52600
* CVE-2023-52601
* CVE-2023-52602
* CVE-2023-52603
* CVE-2023-52604
* CVE-2023-52605
* CVE-2023-52606
* CVE-2023-52607
* CVE-2023-52608
* CVE-2023-52612
* CVE-2023-52615
* CVE-2023-52617
* CVE-2023-52619
* CVE-2023-52621
* CVE-2023-52623
* CVE-2023-52628
* CVE-2023-52632
* CVE-2023-52637
* CVE-2023-52639
* CVE-2023-6356
* CVE-2023-6535
* CVE-2023-6536
* CVE-2023-7042
* CVE-2023-7192
* CVE-2024-0841
* CVE-2024-2201
* CVE-2024-22099
* CVE-2024-23307
* CVE-2024-25739
* CVE-2024-26599
* CVE-2024-26600
* CVE-2024-26602
* CVE-2024-26612
* CVE-2024-26614
* CVE-2024-26620
* CVE-2024-26627
* CVE-2024-26629
* CVE-2024-26642
* CVE-2024-26645
* CVE-2024-26646
* CVE-2024-26651
* CVE-2024-26654
* CVE-2024-26659
* CVE-2024-26664
* CVE-2024-26667
* CVE-2024-26670
* CVE-2024-26695
* CVE-2024-26717

CVSS scores:

* CVE-2021-46925 ( SUSE ): 5.3 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-46925 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-46926 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-46927 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-46927 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-46929 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
* CVE-2021-46929 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-46930 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
* CVE-2021-46930 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-46931 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-46931 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-46933 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
* CVE-2021-46933 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-46936 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-46936 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2021-47082 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47087 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
* CVE-2021-47093 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H
* CVE-2021-47094 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2021-47095 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47096 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
* CVE-2021-47097 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2021-47099 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47100 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47101 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
* CVE-2021-47102 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47104 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2021-47105 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2021-47107 ( SUSE ): 6.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
* CVE-2021-47108 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-4744 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-4744 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48626 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
* CVE-2022-48626 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48629 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2022-48630 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-0160 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-0160 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-28746 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
* CVE-2023-35827 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-4881 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L
* CVE-2023-4881 ( NVD ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
* CVE-2023-52447 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-52447 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-52450 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52450 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52454 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52469 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
* CVE-2023-52469 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-52470 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52470 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52474 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
* CVE-2023-52474 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-52476 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52477 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52484 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52486 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52492 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52493 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52494 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52497 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
* CVE-2023-52500 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
* CVE-2023-52501 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2023-52502 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-52504 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52507 ( SUSE ): 5.7 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2023-52508 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52509 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-52510 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-52511 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52513 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52515 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52517 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52518 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52519 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52520 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52523 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52524 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52525 ( SUSE ): 3.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
* CVE-2023-52528 ( SUSE ): 3.5 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
* CVE-2023-52529 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52532 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52563 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52564 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52566 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52567 ( SUSE ): 2.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L
* CVE-2023-52569 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52574 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52575 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52576 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52582 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52583 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52587 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52591 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2023-52594 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52595 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52597 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:H
* CVE-2023-52598 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52603 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52605 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52606 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52607 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52608 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52612 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H
* CVE-2023-52615 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52617 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52619 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52621 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52623 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52628 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-52632 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52637 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52639 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-6356 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-6356 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-6535 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-6535 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-6536 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-6536 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-7042 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-7042 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-7192 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-7192 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-0841 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-0841 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-2201 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
* CVE-2024-22099 ( SUSE ): 5.3 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-22099 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-23307 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-23307 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-25739 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-25739 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26599 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
* CVE-2024-26599 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26600 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26600 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26602 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2024-26602 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26612 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26614 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26627 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26629 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2024-26642 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26645 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26646 ( SUSE ): 4.9 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
* CVE-2024-26651 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26654 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26659 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26664 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26667 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26670 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26695 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26717 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* openSUSE Leap 15.5
* Public Cloud Module 15-SP5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP5

An update that solves 135 vulnerabilities, contains three features and has 29
security fixes can now be installed.

## Description:

The SUSE Linux Enterprise 15 SP5 Azure kernel was updated to receive various
security bugfixes.

The following security bugs were fixed:

* CVE-2021-46925: Fixed kernel panic caused by race of smc_sock (bsc#1220466).
* CVE-2021-46926: Fixed bug when detecting controllers in ALSA/hda/intel-sdw-
acpi (bsc#1220478).
* CVE-2021-46927: Fixed assertion bug in nitro_enclaves: Use
get_user_pages_unlocked() (bsc#1220443).
* CVE-2021-46929: Fixed use-after-free issue in sctp_sock_dump()
(bsc#1220482).
* CVE-2021-46930: Fixed usb/mtu3 list_head check warning (bsc#1220484).
* CVE-2021-46931: Fixed wrong type casting in mlx5e_tx_reporter_dump_sq()
(bsc#1220486).
* CVE-2021-46933: Fixed possible underflow in ffs_data_clear() (bsc#1220487).
* CVE-2021-46936: Fixed use-after-free in tw_timer_handler() (bsc#1220439).
* CVE-2021-47082: Fixed ouble free in tun_free_netdev() (bsc#1220969).
* CVE-2021-47087: Fixed incorrect page free bug in tee/optee (bsc#1220954).
* CVE-2021-47091: Fixed locking in ieee80211_start_ap()) error path
(bsc#1220959).
* CVE-2021-47093: Fixed memleak on registration failure in intel_pmc_core
(bsc#1220978).
* CVE-2021-47094: Fixed possible memory leak in KVM x86/mmu (bsc#1221551).
* CVE-2021-47095: Fixed missing initialization in ipmi/ssif (bsc#1220979).
* CVE-2021-47096: Fixed uninitalized user_pversion in ALSA rawmidi
(bsc#1220981).
* CVE-2021-47097: Fixed stack out of bound access in
elantech_change_report_id() (bsc#1220982).
* CVE-2021-47098: Fixed integer overflow/underflow in hysteresis calculations
hwmon: (lm90) (bsc#1220983).
* CVE-2021-47099: Fixed BUG_ON assertion in veth when skb entering GRO are
cloned (bsc#1220955).
* CVE-2021-47100: Fixed UAF when uninstall in ipmi (bsc#1220985).
* CVE-2021-47101: Fixed uninit-value in asix_mdio_read() (bsc#1220987).
* CVE-2021-47102: Fixed incorrect structure access In line: upper =
info->upper_dev in net/marvell/prestera (bsc#1221009).
* CVE-2021-47104: Fixed memory leak in qib_user_sdma_queue_pkts()
(bsc#1220960).
* CVE-2021-47105: Fixed potential memory leak in ice/xsk (bsc#1220961).
* CVE-2021-47107: Fixed READDIR buffer overflow in NFSD (bsc#1220965).
* CVE-2021-47108: Fixed possible NULL pointer dereference for mtk_hdmi_conf in
drm/mediatek (bsc#1220986).
* CVE-2022-4744: Fixed double-free that could lead to DoS or privilege
escalation in TUN/TAP device driver functionality (bsc#1209635).
* CVE-2022-48626: Fixed a potential use-after-free on remove path moxart
(bsc#1220366).
* CVE-2022-48629: Fixed possible memory leak in qcom-rng (bsc#1220989).
* CVE-2022-48630: Fixed infinite loop on requests not multiple of WORD_SZ in
crypto: qcom-rng (bsc#1220990).
* CVE-2023-0160: Fixed deadlock flaw in BPF that could allow a local user to
potentially crash the system (bsc#1209657).
* CVE-2023-28746: Fixed Register File Data Sampling (bsc#1213456).
* CVE-2023-35827: Fixed a use-after-free issue in ravb_tx_timeout_work()
(bsc#1212514).
* CVE-2023-4881: Fixed a out-of-bounds write flaw in the netfilter subsystem
that could lead to potential information disclosure or a denial of service
(bsc#1215221).
* CVE-2023-52447: Fixed map_fd_put_ptr() signature kABI workaround
(bsc#1220251).
* CVE-2023-52450: Fixed NULL pointer dereference issue in upi_fill_topology()
(bsc#1220237).
* CVE-2023-52453: Fixed data corruption in hisi_acc_vfio_pci (bsc#1220337).
* CVE-2023-52454: Fixed a kernel panic when host sends an invalid H2C PDU
length (bsc#1220320).
* CVE-2023-52469: Fixed a use-after-free in kv_parse_power_table
(bsc#1220411).
* CVE-2023-52470: Fixed null-ptr-deref in radeon_crtc_init() (bsc#1220413).
* CVE-2023-52474: Fixed a vulnerability with non-PAGE_SIZE-end multi-iovec
user SDMA requests (bsc#1220445).
* CVE-2023-52476: Fixed possible unhandled page fault via perf sampling NMI
during vsyscall (bsc#1220703).
* CVE-2023-52477: Fixed USB Hub accesses to uninitialized BOS descriptors
(bsc#1220790).
* CVE-2023-52481: Fixed speculative unprivileged load in Cortex-A520
(bsc#1220887).
* CVE-2023-52484: Fixed a soft lockup triggered by
arm_smmu_mm_invalidate_range (bsc#1220797).
* CVE-2023-52486: Fixed possible use-after-free in drm (bsc#1221277).
* CVE-2023-52492: Fixed a null-pointer-dereference in channel unregistration
function __dma_async_device_channel_register() (bsc#1221276).
* CVE-2023-52493: Fixed possible soft lockup in bus/mhi/host (bsc#1221274).
* CVE-2023-52494: Fixed missing alignment check for event ring read pointer in
bus/mhi/host (bsc#1221273).
* CVE-2023-52497: Fixed data corruption in erofs (bsc#1220879).
* CVE-2023-52500: Fixed information leaking when processing
OPC_INB_SET_CONTROLLER_CONFIG command (bsc#1220883).
* CVE-2023-52501: Fixed possible memory corruption in ring-buffer
(bsc#1220885).
* CVE-2023-52502: Fixed a race condition in nfc_llcp_sock_get() and
nfc_llcp_sock_get_sn() (bsc#1220831).
* CVE-2023-52504: Fixed possible out-of bounds in apply_alternatives() on a
5-level paging machine (bsc#1221553).
* CVE-2023-52507: Fixed possible shift-out-of-bounds in nfc/nci (bsc#1220833).
* CVE-2023-52508: Fixed null pointer dereference in nvme_fc_io_getuuid()
(bsc#1221015).
* CVE-2023-52509: Fixed a use-after-free issue in ravb_tx_timeout_work()
(bsc#1220836).
* CVE-2023-52510: Fixed a potential UAF in ca8210_probe() (bsc#1220898).
* CVE-2023-52511: Fixed possible memory corruption in spi/sun6i (bsc#1221012).
* CVE-2023-52513: Fixed connection failure handling in RDMA/siw (bsc#1221022).
* CVE-2023-52515: Fixed possible use-after-free in RDMA/srp (bsc#1221048).
* CVE-2023-52517: Fixed race between DMA RX transfer completion and RX FIFO
drain in spi/sun6i (bsc#1221055).
* CVE-2023-52518: Fixed information leak in bluetooth/hci_codec (bsc#1221056).
* CVE-2023-52519: Fixed possible overflow in HID/intel-ish-hid/ipc
(bsc#1220920).
* CVE-2023-52520: Fixed reference leak in platform/x86/think-lmi
(bsc#1220921).
* CVE-2023-52523: Fixed wrong redirects to non-TCP sockets in bpf
(bsc#1220926).
* CVE-2023-52524: Fixed possible corruption in nfc/llcp (bsc#1220927).
* CVE-2023-52525: Fixed out of bounds check mwifiex_process_rx_packet()
(bsc#1220840).
* CVE-2023-52528: Fixed uninit-value access in __smsc75xx_read_reg()
(bsc#1220843).
* CVE-2023-52529: Fixed a potential memory leak in sony_probe() (bsc#1220929).
* CVE-2023-52532: Fixed a bug in TX CQE error handling (bsc#1220932).
* CVE-2023-52563: Fixed memory leak on ->hpd_notify callback() in drm/meson
(bsc#1220937).
* CVE-2023-52564: Reverted invalid fix for UAF in gsm_cleanup_mux()
(bsc#1220938).
* CVE-2023-52566: Fixed potential use after free in
nilfs_gccache_submit_read_data() (bsc#1220940).
* CVE-2023-52567: Fixed possible Oops in serial/8250_port: when using IRQ
polling (irq = 0) (bsc#1220839).
* CVE-2023-52569: Fixed a bug in btrfs by remoning BUG() after failure to
insert delayed dir index item (bsc#1220918).
* CVE-2023-52574: Fixed a bug by hiding new member header_ops (bsc#1220870).
* CVE-2023-52575: Fixed SBPB enablement for spec_rstack_overflow=off
(bsc#1220871).
* CVE-2023-52576: Fixed potential use after free in memblock_isolate_range()
(bsc#1220872).
* CVE-2023-52582: Fixed possible oops in netfs (bsc#1220878).
* CVE-2023-52583: Fixed deadlock or deadcode of misusing dget() inside ceph
(bsc#1221058).
* CVE-2023-52587: Fixed mcast list locking in IB/ipoib (bsc#1221082).
* CVE-2023-52591: Fixed a possible reiserfs filesystem corruption via
directory renaming (bsc#1221044).
* CVE-2023-52594: Fixed potential array-index-out-of-bounds read in
ath9k_htc_txstatus() (bsc#1221045).
* CVE-2023-52595: Fixed possible deadlock in wifi/rt2x00 (bsc#1221046).
* CVE-2023-52597: Fixed a setting of fpc register in KVM (bsc#1221040).
* CVE-2023-52598: Fixed wrong setting of fpc register in s390/ptrace
(bsc#1221060).
* CVE-2023-52599: Fixed array-index-out-of-bounds in diNewExt() in jfs
(bsc#1221062).
* CVE-2023-52600: Fixed uaf in jfs_evict_inode() (bsc#1221071).
* CVE-2023-52601: Fixed array-index-out-of-bounds in dbAdjTree() in jfs
(bsc#1221068).
* CVE-2023-52602: Fixed slab-out-of-bounds Read in dtSearch() in jfs
(bsc#1221070).
* CVE-2023-52603: Fixed array-index-out-of-bounds in dtSplitRoot()
(bsc#1221066).
* CVE-2023-52604: Fixed array-index-out-of-bounds in dbAdjTree()
(bsc#1221067).
* CVE-2023-52605: Fixed a NULL pointer dereference check (bsc#1221039)
* CVE-2023-52606: Fixed possible kernel stack corruption in powerpc/lib
(bsc#1221069).
* CVE-2023-52607: Fixed a null-pointer-dereference in pgtable_cache_add
kasprintf() (bsc#1221061).
* CVE-2023-52608: Fixed possible race condition in firmware/arm_scmi
(bsc#1221375).
* CVE-2023-52612: Fixed req->dst buffer overflow in crypto/scomp
(bsc#1221616).
* CVE-2023-52615: Fixed page fault dead lock on mmap-ed hwrng (bsc#1221614).
* CVE-2023-52617: Fixed stdev_release() crash after surprise hot remove
(bsc#1221613).
* CVE-2023-52619: Fixed possible crash when setting number of cpus to an odd
number in pstore/ram (bsc#1221618).
* CVE-2023-52621: Fixed missing asserion in bpf (bsc#1222073).
* CVE-2023-52623: Fixed suspicious RCU usage in SUNRPC (bsc#1222060).
* CVE-2023-52628: Fixed 4-byte stack OOB write in nftables (bsc#1222117).
* CVE-2023-52632: Fixed lock dependency warning with srcu in drm/amdkfd
(bsc#1222274).
* CVE-2023-52637: Fixed UAF in j1939_sk_match_filter() in can/k1939
(bsc#1222291).
* CVE-2023-52639: Fixed race during shadow creation in KVM/s390/vsie Fixed
(bsc#1222300).
* CVE-2023-6356: Fixed a NULL pointer dereference in nvmet_tcp_build_pdu_iovec
(bsc#1217987).
* CVE-2023-6535: Fixed a NULL pointer dereference in nvmet_tcp_execute_request
(bsc#1217988).
* CVE-2023-6536: Fixed a NULL pointer dereference in __nvmet_req_complete
(bsc#1217989).
* CVE-2023-7042: Fixed a null-pointer-dereference in
ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() (bsc#1218336).
* CVE-2023-7192: Fixed a memory leak problem in ctnetlink_create_conntrack in
net/netfilter/nf_conntrack_netlink.c (bsc#1218479).
* CVE-2024-0841: Fixed null pointer dereference in hugetlbfs_fill_super()
(bsc#1219264).
* CVE-2024-2201: Fixed information leak in x86/BHI (bsc#1217339).
* CVE-2024-22099: Fixed a null-pointer-dereference in rfcomm_check_security
(bsc#1219170).
* CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86
and ARM md, raid, raid5 modules (bsc#1219169).
* CVE-2024-25739: Fixed possible crash in create_empty_lvol() in
drivers/mtd/ubi/vtbl.c (bsc#1219834).
* CVE-2024-26599: Fixed out-of-bounds access in of_pwm_single_xlate()
(bsc#1220365).
* CVE-2024-26600: Fixed NULL pointer dereference for SRP in phy-omap-usb2
(bsc#1220340).
* CVE-2024-26602: Fixed overall slowdowns with sys_membarrier (bsc1220398).
* CVE-2024-26612: Fixed Oops in fscache_put_cache() This function dereferences
(bsc#1221291).
* CVE-2024-26614: Fixed the initialization of accept_queue's spinlocks
(bsc#1221293).
* CVE-2024-26620: Fixed possible device model violation in s390/vfio-ap
(bsc#1221298).
* CVE-2024-26627: Fixed possible hard lockup in scsi (bsc#1221090).
* CVE-2024-26629: Fixed possible protocol violation via RELEASE_LOCKOWNER in
nfsd (bsc#1221379).
* CVE-2024-26642: Fixed the set of anonymous timeout flag in netfilter
nf_tables (bsc#1221830).
* CVE-2024-26645: Fixed missing visibility when inserting an element into
tracing_map (bsc#1222056).
* CVE-2024-26646: Fixed potential memory corruption when resuming from suspend
or hibernation in thermal/intel/hfi (bsc#1222070).
* CVE-2024-26651: Fixed possible oops via malicious devices in sr9800
(bsc#1221337).
* CVE-2024-26654: Fixed use after free in ALSA/sh/aica (bsc#1222304).
* CVE-2024-26659: Fixed wrong handling of isoc Babble and Buffer Overrun
events in xhci (bsc#1222317).
* CVE-2024-26664: Fixed out-of-bounds memory access in create_core_data() in
hwmon coretemp (bsc#1222355).
* CVE-2024-26667: Fixed null pointer reference in
dpu_encoder_helper_phys_cleanup in drm/msm/dpu (bsc#1222331).
* CVE-2024-26670: Fixed ARM64_WORKAROUND_SPECULATIVE_UNPRIV_LOAD workaround in
kernel arm64 (bsc#1222356).
* CVE-2024-26695: Fixed null pointer dereference in
__sev_platform_shutdown_locked in crypto ccp (bsc#1222373).
* CVE-2024-26717: Fixed null pointer dereference on failed power up in HID
i2c-hid-of (bsc#1222360).

The following non-security bugs were fixed:

* Revert "PCI: tegra194: Enable support for 256 Byte payload" (git-fixes).
* Revert "Revert "drm/amdgpu/display: change pipe policy for DCN 2.0"" (git-
fixes).
* Revert "SUNRPC dont update timeout value on connection reset" (git-fixes).
* Revert "drm/amd: Disable PSR-SU on Parade 0803 TCON" (git-fixes).
* Revert "drm/amd: Disable S/G for APUs when 64GB or more host memory" (git-
fixes).
* Revert "drm/amdgpu/display: change pipe policy for DCN 2.0" (git-fixes).
* Revert "drm/amdgpu/display: change pipe policy for DCN 2.1" (git-fixes).
* Revert "drm/vc4: hdmi: Enforce the minimum rate at runtime_resume" (git-
fixes).
* Revert "fbdev: flush deferred IO before closing (git-fixes)." (bsc#1221814)
* acpi: CPPC: enable AMD CPPC V2 support for family 17h processors (git-
fixes).
* acpi: processor_idle: Fix memory leak in acpi_processor_power_exit() (git-
fixes).
* acpi: resource: Add Infinity laptops to irq1_edge_low_force_override
(stable-fixes).
* acpi: resource: Add MAIBENBEN X577 to irq1_edge_low_force_override (git-
fixes).
* acpi: resource: Do IRQ override on Lunnen Ground laptops (stable-fixes).
* acpi: scan: Fix device check notification handling (git-fixes).
* acpica: debugger: check status of acpi_evaluate_object() in
acpi_db_walk_for_fields() (git-fixes).
* alsa: aaci: Delete unused variable in aaci_do_suspend (git-fixes).
* alsa: aoa: avoid false-positive format truncation warning (git-fixes).
* alsa: aw2: avoid casting function pointers (git-fixes).
* alsa: ctxfi: avoid casting function pointers (git-fixes).
* alsa: hda/realtek - ALC285 reduce pop noise from Headphone port (stable-
fixes).
* alsa: hda/realtek - Add Headset Mic supported Acer NB platform (stable-
fixes).
* alsa: hda/realtek - Fix headset Mic no show at resume back for Lenovo ALC897
platform (git-fixes).
* alsa: hda/realtek: Enable Mute LED on HP 840 G8 (MB 8AB8) (git-fixes).
* alsa: hda/realtek: Update Panasonic CF-SZ6 quirk to support headset with
microphone (git-fixes).
* alsa: hda/realtek: fix ALC285 issues on HP Envy x360 laptops (stable-fixes).
* alsa: hda/realtek: fix mute/micmute LED For HP mt440 (git-fixes).
* alsa: hda/realtek: fix mute/micmute LEDs for HP EliteBook (stable-fixes).
* alsa: seq: fix function cast warnings (git-fixes).
* alsa: sh: aica: reorder cleanup operations to avoid UAF bugs (git-fixes).
* alsa: usb-audio: Stop parsing channels bits when all channels are found
(git-fixes).
* arm64: dts: allwinner: h6: Add RX DMA channel for SPDIF (git-fixes)
* arm64: dts: broadcom: bcmbca: bcm4908: drop invalid switch cells (git-fixes)
* arm64: dts: imx8mm-kontron: Add support for ultra high speed modes on (git-
fixes)
* arm64: dts: imx8mm-venice-gw71xx: fix USB OTG VBUS (git-fixes)
* arm64: dts: marvell: reorder crypto interrupts on Armada SoCs (git-fixes)
* arm64: dts: rockchip: add ES8316 codec for ROCK Pi 4 (git-fixes)
* arm64: dts: rockchip: add SPDIF node for ROCK Pi 4 (git-fixes)
* arm64: dts: rockchip: fix regulator name on rk3399-rock-4 (git-fixes)
* arm64: dts: rockchip: set num-cs property for spi on px30 (git-fixes)
* arm64: mm: fix VA-range sanity check (git-fixes)
* arm64: set __exception_irq_entry with __irq_entry as a default (git-fixes)
* asoc: Intel: bytcr_rt5640: Add an extra entry for the Chuwi Vi8 tablet
(stable-fixes).
* asoc: amd: acp: Add missing error handling in sof-mach (git-fixes).
* asoc: amd: acp: fix for acp_init function error handling (git-fixes).
* asoc: madera: Fix typo in madera_set_fll_clks shift value (git-fixes).
* asoc: meson: Use dev_err_probe() helper (stable-fixes).
* asoc: meson: aiu: fix function pointer type mismatch (git-fixes).
* asoc: meson: axg-tdm-interface: add frame rate constraint (git-fixes).
* asoc: meson: axg-tdm-interface: fix mclk setup without mclk-fs (git-fixes).
* asoc: meson: t9015: fix function pointer type mismatch (git-fixes).
* asoc: ops: Fix wraparound for mask in snd_soc_get_volsw (git-fixes).
* asoc: rcar: adg: correct TIMSEL setting for SSI9 (git-fixes).
* asoc: rt5645: Make LattePanda board DMI match more precise (stable-fixes).
* asoc: rt5682-sdw: fix locking sequence (git-fixes).
* asoc: rt711-sdca: fix locking sequence (git-fixes).
* asoc: rt711-sdw: fix locking sequence (git-fixes).
* asoc: wm8962: Enable both SPKOUTR_ENA and SPKOUTL_ENA in mono mode (stable-
fixes).
* asoc: wm8962: Enable oscillator if selecting WM8962_FLL_OSC (stable-fixes).
* asoc: wm8962: Fix up incorrect error message in wm8962_set_fll (stable-
fixes).
* ata: sata_mv: Fix PCI device ID table declaration compilation warning (git-
fixes).
* ata: sata_sx4: fix pdc20621_get_from_dimm() on 64-bit (git-fixes).
* backlight: da9052: Fully initialize backlight_properties during probe (git-
fixes).
* backlight: lm3630a: Do not set bl->props.brightness in get_brightness (git-
fixes).
* backlight: lm3630a: Initialize backlight_properties on init (git-fixes).
* backlight: lm3639: Fully initialize backlight_properties during probe (git-
fixes).
* backlight: lp8788: Fully initialize backlight_properties during probe (git-
fixes).
* blocklayoutdriver: Fix reference leak of pnfs_device_node (git-fixes).
* bluetooth: hci_core: Fix possible buffer overflow (git-fixes).
* bluetooth: mgmt: Remove leftover queuing of power_off work (git-fixes).
* bluetooth: remove HCI_POWER_OFF_TIMEOUT (git-fixes).
* bluetooth: remove superfluous call to hci_conn_check_pending() (git-fixes).
* bluetooth: rfcomm: Fix null-ptr-deref in rfcomm_check_security (stable-
fixes).
* bpf, scripts: Correct GPL license name (git-fixes).
* bpf, sockmap: Fix preempt_rt splat when using raw_spin_lock_t (git-fixes).
* can: softing: remove redundant NULL check (git-fixes).
* clk: zynq: Prevent null pointer dereference caused by kmalloc failure (git-
fixes).
* comedi: comedi_test: Prevent timers rescheduling during deletion (git-
fixes).
* coresight: etm4x: Do not access TRCIDR1 for identification (bsc#1220775)
* coresight: etm4x: Fix accesses to TRCSEQRSTEVR and TRCSEQSTR (bsc#1220775)
* coresight: etm: Override TRCIDR3.CCITMIN on errata affected cpus
(bsc#1220775)
* cpufreq: amd-pstate: Fix min_perf assignment in amd_pstate_adjust_perf()
(git-fixes).
* cpufreq: brcmstb-avs-cpufreq: add check for cpufreq_cpu_get's return value
(git-fixes).
* crypto: arm/sha - fix function cast warnings (git-fixes).
* crypto: qat - avoid division by zero (git-fixes).
* crypto: qat - fix deadlock in backlog processing (git-fixes).
* crypto: qat - fix double free during reset (git-fixes).
* crypto: qat - fix state machines cleanup paths (bsc#1218321).
* crypto: qat - fix unregistration of compression algorithms (git-fixes).
* crypto: qat - fix unregistration of crypto algorithms (git-fixes).
* crypto: qat - ignore subsequent state up commands (git-fixes).
* crypto: qat - increase size of buffers (git-fixes).
* crypto: qat - resolve race condition during AER recovery (git-fixes).
* crypto: xilinx - call finalize with bh disabled (git-fixes).
* doc-guide: kernel-doc: tell about object-like macros (git-fixes).
* doc/README.SUSE: Update information about module support status
(jsc#PED-5759)
* drivers: hv: vmbus: Calculate ring buffer size for more efficient use of
memory (git-fixes).
* drm/amd/display: Add FAMS validation before trying to use it (git-fixes).
* drm/amd/display: Add function for validate and update new stream (git-
fixes).
* drm/amd/display: Avoid ABM when ODM combine is enabled for eDP (git-fixes).
* drm/amd/display: Blocking invalid 420 modes on HDMI TMDS for DCN31 (git-
fixes).
* drm/amd/display: Check if link state is valid (git-fixes).
* drm/amd/display: Copy DC context in the commit streams (git-fixes).
* drm/amd/display: Disable PSR-SU on Parade 0803 TCON again (git-fixes).
* drm/amd/display: Enable fast plane updates on DCN3.2 and above (git-fixes).
* drm/amd/display: Enable new commit sequence only for DCN32x (git-fixes).
* drm/amd/display: Exit idle optimizations before attempt to access PHY (git-
fixes).
* drm/amd/display: Expand kernel doc for DC (git-fixes).
* drm/amd/display: Fix a bug when searching for insert_above_mpcc (git-fixes).
* drm/amd/display: Fix a potential buffer overflow in 'dp_dsc_clock_en_read()'
(git-fixes).
* drm/amd/display: Fix possible underflow for displays with large vblank (git-
fixes).
* drm/amd/display: Fix the delta clamping for shaper LUT (git-fixes).
* drm/amd/display: Fix underflow issue on 175hz timing (git-fixes).
* drm/amd/display: For prefetch mode > 0, extend prefetch if possible (git-
fixes).
* drm/amd/display: Guard DCN31 PHYD32CLK logic against chip family (git-
fixes).
* drm/amd/display: Guard against invalid RPTR/WPTR being set (git-fixes).
* drm/amd/display: Handle seamless boot stream (git-fixes).
* drm/amd/display: Handle virtual hardware detect (git-fixes).
* drm/amd/display: Include surface of unaffected streams (git-fixes).
* drm/amd/display: Include udelay when waiting for INBOX0 ACK (git-fixes).
* drm/amd/display: Increase frame warning limit with KASAN or KCSAN in dml
(git-fixes).
* drm/amd/display: Keep PHY active for dp config (git-fixes).
* drm/amd/display: Prevent vtotal from being set to 0 (git-fixes).
* drm/amd/display: Remove min_dst_y_next_start check for Z8 (git-fixes).
* drm/amd/display: Restore rptr/wptr for DMCUB as workaround (git-fixes).
* drm/amd/display: Return the correct HDCP error code (stable-fixes).
* drm/amd/display: Revert vblank change that causes null pointer crash (git-
fixes).
* drm/amd/display: Rework comments on dc file (git-fixes).
* drm/amd/display: Rework context change check (git-fixes).
* drm/amd/display: Set minimum requirement for using PSR-SU on Phoenix (git-
fixes).
* drm/amd/display: Set minimum requirement for using PSR-SU on Rembrandt (git-
fixes).
* drm/amd/display: Update OTG instance in the commit stream (git-fixes).
* drm/amd/display: Update correct DCN314 register header (git-fixes).
* drm/amd/display: Update min Z8 residency time to 2100 for DCN314 (git-
fixes).
* drm/amd/display: Use DRAM speed from validation for dummy p-state (git-
fixes).
* drm/amd/display: Use DTBCLK as refclk instead of DPREFCLK (git-fixes).
* drm/amd/display: Use min transition for all SubVP plane add/remove (git-
fixes).
* drm/amd/display: Write to correct dirty_rect (git-fixes).
* drm/amd/display: Wrong colorimetry workaround (git-fixes).
* drm/amd/display: add FB_DAMAGE_CLIPS support (git-fixes).
* drm/amd/display: add ODM case when looking for first split pipe (git-fixes).
* drm/amd/display: always switch off ODM before committing more streams (git-
fixes).
* drm/amd/display: clean code-style issues in dcn30_set_mpc_shaper_3dlut (git-
fixes).
* drm/amd/display: dc.h: eliminate kernel-doc warnings (git-fixes).
* drm/amd/display: ensure async flips are only accepted for fast updates (git-
fixes).
* drm/amd/display: fix ABM disablement (git-fixes).
* drm/amd/display: fix a NULL pointer dereference in amdgpu_dm_i2c_xfer()
(git-fixes).
* drm/amd/display: fix dc/core/dc.c kernel-doc (git-fixes).
* drm/amd/display: fix hw rotated modes when PSR-SU is enabled (git-fixes).
* drm/amd/display: fix kernel-doc issues in dc.h (git-fixes).
* drm/amd/display: fix unbounded requesting for high pixel rate modes on
dcn315 (git-fixes).
* drm/amd/display: handle range offsets in VRR ranges (stable-fixes).
* drm/amd/display: perform a bounds check before filling dirty rectangles
(git-fixes).
* drm/amd/display: set per pipe dppclk to 0 when dpp is off (git-fixes).
* drm/amd/display: update extended blank for dcn314 onwards (git-fixes).
* drm/amd/display: use low clocks for no plane configs (git-fixes).
* drm/amd/pm: Fix error of MACO flag setting code (git-fixes).
* drm/amd/pm: fix a memleak in aldebaran_tables_init (git-fixes).
* drm/amd/smu: use AverageGfxclkFrequency* to replace previous GFX Curr Clock
(git-fixes).
* drm/amd: Enable PCIe PME from D3 (git-fixes).
* drm/amdgpu/pm: Fix the error of pwm1_enable setting (stable-fixes).
* drm/amdgpu/pm: make gfxclock consistent for sienna cichlid (git-fixes).
* drm/amdgpu/pm: make mclk consistent for smu 13.0.7 (git-fixes).
* drm/amdgpu/smu13: drop compute workload workaround (git-fixes).
* drm/amdgpu: Enable gpu reset for S3 abort cases on Raven series (stable-
fixes).
* drm/amdgpu: Fix missing break in ATOM_ARG_IMM Case of atom_get_src_int()
(git-fixes).
* drm/amdgpu: Force order between a read and write to the same address (git-
fixes).
* drm/amdgpu: Match against exact bootloader status (git-fixes).
* drm/amdgpu: Unset context priority is now invalid (git-fixes).
* drm/amdgpu: Update min() to min_t() in 'amdgpu_info_ioctl' (git-fixes).
* drm/amdgpu: amdgpu_ttm_gart_bind set gtt bound flag (stable-fixes).
* drm/amdgpu: lower CS errors to debug severity (git-fixes).
* drm/amdkfd: fix TLB flush after unmap for GFX9.4.2 (stable-fixes).
* drm/bridge: tc358762: Instruct DSI host to generate HSE packets (git-fixes).
* drm/display: fix typo (git-fixes).
* drm/edid: Add quirk for OSVR HDK 2.0 (git-fixes).
* drm/etnaviv: Restore some id values (git-fixes).
* drm/exynos: do not return negative values from .get_modes() (stable-fixes).
* drm/exynos: fix a possible null-pointer dereference due to data race in
exynos_drm_crtc_atomic_disable() (git-fixes).
* drm/i915/bios: Tolerate devdata==NULL in
intel_bios_encoder_supports_dp_dual_mode() (stable-fixes).
* drm/i915/gt: Do not generate the command streamer for all the CCS (git-
fixes).
* drm/i915/gt: Reset queue_priority_hint on parking (git-fixes).
* drm/i915/gt: Use i915_vm_put on ppgtt_create error paths (git-fixes).
* drm/i915/selftests: Fix dependency of some timeouts on HZ (git-fixes).
* drm/i915: Add missing CCS documentation (git-fixes).
* drm/i915: Call intel_pre_plane_updates() also for pipes getting enabled
(git-fixes).
* drm/i915: Check before removing mm notifier (git-fixes).
* drm/lima: fix a memleak in lima_heap_alloc (git-fixes).
* drm/mediatek: Fix a null pointer crash in mtk_drm_crtc_finish_page_flip
(git-fixes).
* drm/mediatek: dsi: Fix DSI RGB666 formats and definitions (git-fixes).
* drm/msm/dpu: Only enable DSC_MODE_MULTIPLEX if dsc_merge is enabled (git-
fixes).
* drm/msm/dpu: add division of drm_display_mode's hskew parameter (git-fixes).
* drm/msm/dpu: fix the programming of INTF_CFG2_DATA_HCTL_EN (git-fixes).
* drm/msm/dpu: improve DSC allocation (git-fixes).
* drm/panel-edp: use put_sync in unprepare (git-fixes).
* drm/panel: Move AUX B116XW03 out of panel-edp back to panel-simple (git-
fixes).
* drm/panel: auo,b101uan08.3: Fine tune the panel power sequence (git-fixes).
* drm/panel: boe-tv101wum-nl6: Fine tune the panel power sequence (git-fixes).
* drm/panel: do not return negative error codes from drm_panel_get_modes()
(stable-fixes).
* drm/panfrost: fix power transition timeout warnings (git-fixes).
* drm/probe-helper: warn about negative .get_modes() (stable-fixes).
* drm/qxl: remove unused `count` variable from `qxl_surface_id_alloc()` (git-
fixes).
* drm/qxl: remove unused variable from `qxl_process_single_command()` (git-
fixes).
* drm/radeon/ni: Fix wrong firmware size logging in ni_init_microcode() (git-
fixes).
* drm/radeon/ni_dpm: remove redundant NULL check (git-fixes).
* drm/radeon: remove dead code in ni_mc_load_microcode() (git-fixes).
* drm/rockchip: dsi: Clean up 'usage_mode' when failing to attach (git-fixes).
* drm/rockchip: inno_hdmi: Fix video timing (git-fixes).
* drm/rockchip: lvds: do not overwrite error code (git-fixes).
* drm/rockchip: lvds: do not print scary message when probing defer (git-
fixes).
* drm/tegra: dpaux: Fix PM disable depth imbalance in tegra_dpaux_probe (git-
fixes).
* drm/tegra: dsi: Add missing check for of_find_device_by_node (git-fixes).
* drm/tegra: dsi: Fix missing pm_runtime_disable() in the error handling path
of tegra_dsi_probe() (git-fixes).
* drm/tegra: dsi: Fix some error handling paths in tegra_dsi_probe() (git-
fixes).
* drm/tegra: dsi: Make use of the helper function dev_err_probe() (stable-
fixes).
* drm/tegra: hdmi: Convert to devm_platform_ioremap_resource() (stable-fixes).
* drm/tegra: hdmi: Fix some error handling paths in tegra_hdmi_probe() (git-
fixes).
* drm/tegra: output: Fix missing i2c_put_adapter() in the error handling paths
of tegra_output_probe() (git-fixes).
* drm/tegra: put drm_gem_object ref on error in tegra_fb_create (git-fixes).
* drm/tegra: rgb: Fix missing clk_put() in the error handling paths of
tegra_dc_rgb_probe() (git-fixes).
* drm/tegra: rgb: Fix some error handling paths in tegra_dc_rgb_probe() (git-
fixes).
* drm/tidss: Fix initial plane zpos values (git-fixes).
* drm/tidss: Fix sync-lost issue with two displays (git-fixes).
* drm/ttm: Do not leak a resource on eviction error (git-fixes).
* drm/ttm: Do not print error message if eviction was interrupted (git-fixes).
* drm/vc4: Add module dependency on hdmi-codec (git-fixes).
* drm/vmwgfx: Create debugfs ttm_resource_manager entry only if needed (git-
fixes).
* drm/vmwgfx: Fix possible null pointer derefence with invalid contexts (git-
fixes).
* drm/vmwgfx: fix a memleak in vmw_gmrid_man_get_node (git-fixes).
* drm: Do not treat 0 as -1 in drm_fixp2int_ceil (git-fixes).
* drm: Fix drm_fixp2int_round() making it add 0.5 (git-fixes).
* drm: panel-orientation-quirks: Add quirk for Acer Switch V 10 (SW5-017)
(git-fixes).
* firewire: core: use long bus reset on gap count error (stable-fixes).
* fix "coresight: etm4x: Change etm4_platform_driver driver for MMIO devices"
(bsc#1220775) Hunk with clk_put(drvdata->pclk) was incorrectly moved to
another function.
* force config_TCG_TIS_CORE=m on aarch64 for workaround kconfig issues
* group-source-files.pl: Quote filenames (boo#1221077). The kernel source now
contains a file with a space in the name. Add quotes in group-source-
files.pl to avoid splitting the filename. Also use -print0 / -0 when
updating timestamps.
* hid: amd_sfh: Update HPD sensor structure elements (git-fixes).
* hid: lenovo: Add middleclick_workaround sysfs knob for cptkbd (git-fixes).
* hid: multitouch: Add required quirk for Synaptics 0xcddc device (stable-
fixes).
* hv_netvsc: Calculate correct ring size when PAGE_SIZE is not 4 Kbytes (git-
fixes).
* hv_netvsc: Fix race condition between netvsc_probe and netvsc_remove (git-
fixes).
* hv_netvsc: Register VF in netvsc_probe if NET_DEVICE_REGISTER missed (git-
fixes).
* i2c: aspeed: Fix the dummy irq expected print (git-fixes).
* i2c: i801: Avoid potential double call to gpiod_remove_lookup_table (git-
fixes).
* i2c: wmt: Fix an error handling path in wmt_i2c_probe() (git-fixes).
* ib/ipoib: fix mcast list locking (git-fixes)
* iio: dummy_evgen: remove Excess kernel-doc comments (git-fixes).
* iio: pressure: dlhl60d: Initialize empty DLH bytes (git-fixes).
* input: gpio_keys_polled - suppress deferred probe error for gpio (stable-
fixes).
* input: synaptics-rmi4 - fix UAF of IRQ domain on driver removal (git-fixes).
* iommu/amd: Mark interrupt as managed (git-fixes).
* iommu/dma: Trace bounce buffer usage when mapping buffers (git-fixes).
* iommu/mediatek-v1: Fix an error handling path in mtk_iommu_v1_probe() (git-
fixes).
* iommu/mediatek: Fix forever loop in error handling (git-fixes).
* iommu/vt-d: Allow to use flush-queue when first level is default (git-
fixes).
* iommu/vt-d: Do not issue ATS Invalidation request when device is
disconnected (git-fixes).
* iommu/vt-d: Fix PASID directory pointer coherency (git-fixes).
* iommu/vt-d: Set No Execute Enable bit in PASID table entry (git-fixes).
* kABI: PCI: Add locking to RMW PCI Express Capability Register accessors
(kabi).
* kconfig: fix infinite loop when expanding a macro at the end of file (git-
fixes).
* kernel-binary: Fix i386 build Fixes: 89eaf4cdce05 ("rpm templates: Move
macro definitions below buildrequires")
* kernel-binary: Move build script to the end All other spec templates have
the build script at the end, only kernel-binary has it in the middle. Align
with the other templates.
* kernel-binary: certs: Avoid trailing space
* kernel-binary: vdso: fix filelist for non-usrmerged kernel Fixes:
a6ad8af207e6 ("rpm templates: Always define usrmerged")
* kvm: s390: only deliver the set service event bits (git-fixes bsc#1221631).
* leds: aw2013: Unlock mutex before destroying it (git-fixes).
* lib/cmdline: Fix an invalid format specifier in an assertion msg (git-
fixes).
* make nvidia Grace-Hopper TPM related drivers build-ins (bsc#1221156)
* md: fix data corruption for raid456 when reshape restart while grow up (git-
fixes).
* media: dvb-frontends: avoid stack overflow warnings with clang (git-fixes).
* media: edia: dvbdev: fix a use-after-free (git-fixes).
* media: em28xx: annotate unchecked call to media_device_register() (git-
fixes).
* media: go7007: add check of return value of go7007_read_addr() (git-fixes).
* media: go7007: fix a memleak in go7007_load_encoder (git-fixes).
* media: imx: csc/scaler: fix v4l2_ctrl_handler memory leak (git-fixes).
* media: pvrusb2: fix pvr2_stream_callback casts (git-fixes).
* media: pvrusb2: fix uaf in pvr2_context_set_notify (git-fixes).
* media: pvrusb2: remove redundant NULL check (git-fixes).
* media: staging: ipu3-imgu: Set fields before media_entity_pads_init() (git-
fixes).
* media: sun8i-di: Fix chroma difference threshold (git-fixes).
* media: sun8i-di: Fix coefficient writes (git-fixes).
* media: sun8i-di: Fix power on/off sequences (git-fixes).
* media: tc358743: register v4l2 async device only after successful setup
(git-fixes).
* media: ttpci: fix two memleaks in budget_av_attach (git-fixes).
* media: usbtv: Remove useless locks in usbtv_video_free() (git-fixes).
* media: v4l2-mem2mem: fix a memleak in v4l2_m2m_register_entity (git-fixes).
* media: v4l2-tpg: fix some memleaks in tpg_alloc (git-fixes).
* media: xc4000: Fix atomicity violation in xc4000_get_frequency (git-fixes).
* mfd: altera-sysmgr: Call of_node_put() only when of_parse_phandle() takes a
ref (git-fixes).
* mfd: syscon: Call of_node_put() only when of_parse_phandle() takes a ref
(git-fixes).
* mm,page_owner: Defer enablement of static branch (bsc#1222366).
* mm,page_owner: Fix accounting of pages when migrating (bsc#1222366).
* mm,page_owner: Fix printing of stack records (bsc#1222366).
* mm,page_owner: Fix refcount imbalance (bsc#1222366).
* mm,page_owner: Update metadata for tail pages (bsc#1222366).
* mm,page_owner: check for null stack_record before bumping its refcount
(bsc#1222366).
* mm,page_owner: drop unnecessary check (bsc#1222366).
* mm,page_owner: fix recursion (bsc#1222366).
* mmc: core: Avoid negative index with array access (git-fixes).
* mmc: core: Fix switch on gp3 partition (git-fixes).
* mmc: core: Initialize mmc_blk_ioc_data (git-fixes).
* mmc: mmci: stm32: fix DMA API overlapping mappings warning (git-fixes).
* mmc: mmci: stm32: use a buffer for unaligned DMA requests (git-fixes).
* mmc: tmio: avoid concurrent runs of mmc_request_done() (git-fixes).
* mmc: wmt-sdmmc: remove an incorrect release_mem_region() call in the .remove
function (git-fixes).
* mtd: maps: physmap-core: fix flash size larger than 32-bit (git-fixes).
* mtd: rawnand: lpc32xx_mlc: fix irq handler prototype (git-fixes).
* mtd: rawnand: meson: fix scrambling mode value in command macro (git-fixes).
* net/bnx2x: Prevent access to a freed page in page_pool (bsc#1215322).
* net/x25: fix incorrect parameter validation in the x25_getsockopt() function
(git-fixes).
* net: Fix features skip in for_each_netdev_feature() (git-fixes).
* net: lan78xx: fix runtime PM count underflow on link stop (git-fixes).
* net: ll_temac: platform_get_resource replaced by wrong function (git-fixes).
* net: mana: Fix Rx DMA datasize and skb_over_panic (git-fixes).
* net: phy: fix phy_get_internal_delay accessing an empty array (git-fixes).
* net: sunrpc: Fix an off by one in rpc_sockaddr2uaddr() (git-fixes).
* nfc: nci: Fix uninit-value in nci_dev_up and nci_ntf_packet (git-fixes).
* nfs: fix an off by one in root_nfs_cat() (git-fixes).
* nfs: rename nfs_client_kset to nfs_kset (git-fixes).
* nfsd: change LISTXATTRS cookie encoding to big-endian (git-fixes).
* nfsd: convert the callback workqueue to use delayed_work (git-fixes).
* nfsd: do not take fi_lock in nfsd_break_deleg_cb() (git-fixes).
* nfsd: fix file memleak on client_opens_release (git-fixes).
* nfsd: fix liSTXATTRS returning a short list with eof=TRUE (git-fixes).
* nfsd: fix liSTXATTRS returning more bytes than maxcount (git-fixes).
* nfsd: fix nfsd4_listxattr_validate_cookie (git-fixes).
* nfsd: lock_rename() needs both directories to live on the same fs (git-
fixes).
* nfsd: reschedule CB operations when backchannel rpc_clnt is shut down (git-
fixes).
* nfsd: reset cb_seq_status after NFS4ERR_DELAY (git-fixes).
* nfsd: retransmit callbacks after client reconnects (git-fixes).
* nfsd: use vfs setgid helper (git-fixes).
* nfsv4.1/pnfs: Ensure we handle the error NFS4ERR_RETURNCONFLICT (git-fixes).
* nfsv4.1: fix SP4_MACH_CRED protection for pnfs IO (git-fixes).
* nfsv4.1: fixup use EXCHGID4_FLAG_USE_PNFS_DS for DS server (git-fixes).
* nfsv4.1: use EXCHGID4_FLAG_USE_PNFS_DS for DS server (git-fixes).
* nfsv4.2: fix listxattr maximum XDR buffer size (git-fixes).
* nfsv4.2: fix nfs4_listxattr kernel BUG at mm/usercopy.c:102 (git-fixes).
* nfsv4.2: fix wrong shrinker_id (git-fixes).
* nfsv4: fix a nfs4_state_manager() race (git-fixes).
* nfsv4: fix a state manager thread deadlock regression (git-fixes).
* nilfs2: fix failure to detect DAT corruption in btree and direct mappings
(git-fixes).
* nilfs2: prevent kernel bug at submit_bh_wbc() (git-fixes).
* nouveau/dmem: handle kcalloc() allocation failure (git-fixes).
* nouveau: reset the bo resource bus info after an eviction (git-fixes).
* ntfs: fix use-after-free in ntfs_ucsncmp() (bsc#1221713).
* nvme-fc: do not wait in vain when unloading module (git-fixes).
* nvme: fix reconnection fail due to reserved tag allocation (git-fixes).
* nvmet-fc: abort command when there is no binding (git-fixes).
* nvmet-fc: avoid deadlock on delete association path (git-fixes).
* nvmet-fc: defer cleanup using RCU properly (git-fixes).
* nvmet-fc: hold reference on hostport match (git-fixes).
* nvmet-fc: release reference on target port (git-fixes).
* nvmet-fc: take ref count on tgtport before delete assoc (git-fixes).
* nvmet-fcloop: swap the list_add_tail arguments (git-fixes).
* nvmet-tcp: fix nvme tcp ida memory leak (git-fixes).
* pNFS/flexfiles: Check the layout validity in ff_layout_mirror_prepare_stats
(git-fixes).
* pNFS: Fix a hang in nfs4_evict_inode() (git-fixes).
* pNFS: Fix the pnfs block driver's calculation of layoutget size (git-fixes).
* pci/aer: fix rootport attribute paths in ABI docs (git-fixes).
* pci/aspm: use RMW accessors for changing LNKCTL (git-fixes).
* pci/dpc: print all TLP Prefixes, not just the first (git-fixes).
* pci/msi: prevent MSI hardware interrupt number truncation (bsc#1218777)
* pci/p2pdma: Fix a sleeping issue in a RCU read section (git-fixes).
* pci: add locking to RMW PCI Express Capability Register accessors (git-
fixes).
* pci: dwc: endpoint: Fix advertised resizable BAR size (git-fixes).
* pci: dwc: endpoint: Fix dw_pcie_ep_raise_msix_irq() alignment support (git-
fixes).
* pci: dwc: fix a 64bit bug in dw_pcie_ep_raise_msix_irq() (git-fixes).
* pci: fu740: Set the number of MSI vectors (git-fixes).
* pci: lengthen reset delay for VideoPropulsion Torrent QN16e card (git-
fixes).
* pci: make link retraining use RMW accessors for changing LNKCTL (git-fixes).
* pci: mark 3ware-9650SE Root Port Extended Tags as broken (git-fixes).
* pci: mediatek-gen3: Fix translation window size calculation (git-fixes).
* pci: mediatek: Clear interrupt status before dispatching handler (git-
fixes).
* pci: qcom: enable BDF to SID translation properly (git-fixes).
* pci: qcom: use DWC helpers for modifying the read-only DBI registers (git-
fixes).
* pci: rockchip: Do not advertise MSI-X in PCIe capabilities (git-fixes).
* pci: rockchip: Fix window mapping and address translation for endpoint (git-
fixes).
* pci: rockchip: Use 64-bit mask on MSI 64-bit PCI address (git-fixes).
* pci: switchtec: Fix an error handling path in switchtec_pci_probe() (git-
fixes).
* pinctrl: mediatek: Drop bogus slew rate register range for MT8192 (git-
fixes).
* platform/mellanox: mlxreg-hotplug: Remove redundant NULL-check (git-fixes).
* pm: suspend: Set mem_sleep_current during kernel command line setup (git-
fixes).
* powerpc/64s: POWER10 CPU Kconfig build option (bsc#1194869).
* powerpc/boot: Disable power10 features after BOOTAFLAGS assignment
(bsc#1194869).
* powerpc/boot: Fix boot wrapper code generation with CONFIG_POWER10_CPU
(bsc#1194869).
* powerpc/lib/sstep: Do not use __{get/put}_user() on kernel addresses
(bsc#1194869).
* powerpc/lib/sstep: Remove unneeded #ifdef **powerpc64** (bsc#1194869).
* powerpc/lib/sstep: Use l1_dcache_bytes() instead of opencoding
(bsc#1194869).
* powerpc/lib/sstep: use truncate_if_32bit() (bsc#1194869).
* powerpc/pseries/iommu: IOMMU table is not initialized for kdump over SR-IOV
(bsc#1220492 ltc#205270).
* powerpc/pseries: Fix potential memleak in papr_get_attr() (bsc#1200465
ltc#197256 jsc#SLE-18130 git-fixes).
* powerpc/sstep: Use bitwise instead of arithmetic operator for flags
(bsc#1194869).
* powerpc: add compile-time support for lbarx, lharx (bsc#1194869).
* pwm: mediatek: Update kernel doc for struct pwm_mediatek_of_data (git-
fixes).
* qedf: Do not process stag work during unload (bsc#1214852).
* qedf: Wait for stag work during unload (bsc#1214852).
* raid1: fix use-after-free for original bio in raid1_write_request()
(bsc#1221097).
* ras/amd/fmpm: Add debugfs interface to print record entries (jsc#PED-7619).
* ras/amd/fmpm: Avoid NULL ptr deref in get_saved_records() (jsc#PED-7619).
* ras/amd/fmpm: Fix build when debugfs is not enabled (jsc#PED-7619).
* ras/amd/fmpm: Fix off by one when unwinding on error (jsc#PED-7619).
* ras/amd/fmpm: Safely handle saved records of various sizes (jsc#PED-7619).
* ras/amd/fmpm: Save SPA values (jsc#PED-7619).
* ras: Avoid build errors when CONFIG_DEBUG_FS=n (git-fixes).
* ras: export helper to get ras_debugfs_dir (jsc#PED-7619).
* rdma/device: Fix a race between mad_client and cm_client init (git-fixes)
* rdma/hns: fix mis-modifying default congestion control algorithm (git-fixes)
* rdma/ipoib: Fix error code return in ipoib_mcast_join (git-fixes)
* rdma/irdma: Remove duplicate assignment (git-fixes)
* rdma/mana_ib: Fix bug in creation of dma regions (git-fixes).
* rdma/mlx5: fix fortify source warning while accessing Eth segment (git-
fixes)
* rdma/mlx5: relax DEVX access upon modify commands (git-fixes)
* rdma/rtrs-clt: Check strnlen return len in sysfs mpath_policy_store() (git-
fixes)
* rdma/srpt: do not register event handler until srpt device is fully setup
(git-fixes)
* rtc: mt6397: select IRQ_DOMAIN instead of depending on it (git-fixes).
* s390/pai: fix attr_event_free upper limit for pai device drivers (git-fixes
bsc#1221633).
* s390/vfio-ap: realize the VFIO_DEVICE_GET_IRQ_INFO ioctl (bsc#1205316).
* s390/vfio-ap: realize the VFIO_DEVICE_SET_IRQS ioctl (bsc#1205316).
* s390/vfio-ap: wire in the vfio_device_ops request callback (bsc#1205316).
* s390/vtime: fix average steal time calculation (git-fixes bsc#1221951).
* sched/rt: Disallow writing invalid values to sched_rt_period_us
(bsc#1220176).
* sched/rt: sysctl_sched_rr_timeslice show default timeslice after reset
(bsc#1220176).
* scsi: lpfc: Copyright updates for 14.4.0.1 patches (bsc#1221777).
* scsi: lpfc: Correct size for cmdwqe/rspwqe for memset() (bsc#1221777).
* scsi: lpfc: Correct size for wqe for memset() (bsc#1221777).
* scsi: lpfc: Define lpfc_dmabuf type for ctx_buf ptr (bsc#1221777).
* scsi: lpfc: Define lpfc_nodelist type for ctx_ndlp ptr (bsc#1221777).
* scsi: lpfc: Define types in a union for generic void *context3 ptr
(bsc#1221777).
* scsi: lpfc: Move NPIV's transport unregistration to after resource clean up
(bsc#1221777).
* scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up()
(bsc#1221777).
* scsi: lpfc: Remove IRQF_ONESHOT flag from threaded IRQ handling (bsc#1221777
bsc#1217959).
* scsi: lpfc: Remove unnecessary log message in queuecommand path
(bsc#1221777).
* scsi: lpfc: Replace hbalock with ndlp lock in lpfc_nvme_unregister_port()
(bsc#1221777).
* scsi: lpfc: Update lpfc version to 14.4.0.1 (bsc#1221777).
* scsi: lpfc: Update lpfc_ramp_down_queue_handler() logic (bsc#1221777).
* scsi: lpfc: Use a dedicated lock for ras_fwlog state (bsc#1221777).
* scsi: qedf: Remove set but unused variable 'page' (bsc#1214852).
* scsi: qedf: Remove unused 'num_handled' variable (bsc#1214852).
* scsi: qedf: Remove unused declaration (bsc#1214852).
* scsi: qla2xxx: Change debug message during driver unload (bsc1221816).
* scsi: qla2xxx: Delay I/O Abort on PCI error (bsc1221816).
* scsi: qla2xxx: Fix N2N stuck connection (bsc1221816).
* scsi: qla2xxx: Fix command flush on cable pull (bsc1221816).
* scsi: qla2xxx: Fix double free of fcport (bsc1221816).
* scsi: qla2xxx: Fix double free of the ha->vp_map pointer (bsc1221816).
* scsi: qla2xxx: NVME|FCP prefer flag not being honored (bsc1221816).
* scsi: qla2xxx: Prevent command send on chip reset (bsc1221816).
* scsi: qla2xxx: Split FCE|EFT trace control (bsc1221816).
* scsi: qla2xxx: Update manufacturer detail (bsc1221816).
* scsi: qla2xxx: Update version to 10.02.09.200-k (bsc1221816).
* scsi: storvsc: Fix ring buffer size calculation (git-fixes).
* scsi: target: core: Silence the message about unknown VPD pages
(bsc#1221252).
* selftests/bpf: add generic BPF program tester-loader (bsc#1222033).
* serial: 8250_exar: Do not remove GPIO device on suspend (git-fixes).
* serial: max310x: fix syntax error in IRQ error message (git-fixes).
* slimbus: core: Remove usage of the deprecated ida_simple_xx() API (git-
fixes).
* soc: fsl: qbman: Always disable interrupts when taking cgr_lock (git-fixes).
* spi: lm70llp: fix links in doc and comments (git-fixes).
* spi: spi-mt65xx: Fix NULL pointer access in interrupt handler (git-fixes).
* sr9800: Add check for usbnet_get_endpoints (git-fixes).
* stackdepot: rename pool_index to pool_index_plus_1 (git-fixes).
* staging: vc04_services: fix information leak in create_component() (git-
fixes).
* sunrpc: Add an IS_ERR() check back to where it was (git-fixes).
* sunrpc: ECONNRESET might require a rebind (git-fixes).
* sunrpc: Fix RPC client cleaned up the freed pipefs dentries (git-fixes).
* sunrpc: Fix a suspicious RCU usage warning (git-fixes).
* sunrpc: fix a memleak in gss_import_v2_context (git-fixes).
* sunrpc: fix some memleaks in gssx_dec_option_array (git-fixes).
* svcrdma: Drop connection after an RDMA Read error (git-fixes).
* tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc (bsc#1222619).
* tty: serial: fsl_lpuart: avoid idle preamble pending if CTS is enabled (git-
fixes).
* tty: serial: samsung: fix tx_empty() to return TIOCSER_TEMT (git-fixes).
* tty: vt: fix 20 vs 0x20 typo in EScsiignore (git-fixes).
* ubifs: Queue up space reservation tasks if retrying many times (git-fixes).
* ubifs: Remove unreachable code in dbg_check_ltab_lnum (git-fixes).
* ubifs: Set page uptodate in the correct place (git-fixes).
* ubifs: dbg_check_idx_size: Fix kmemleak if loading znode failed (git-fixes).
* ubifs: fix sort function prototype (git-fixes).
* usb: audio-v2: Correct comments for struct uac_clock_selector_descriptor
(git-fixes).
* usb: cdc-wdm: close race between read and workqueue (git-fixes).
* usb: core: Fix deadlock in usb_deauthorize_interface() (git-fixes).
* usb: dwc2: gadget: Fix exiting from clock gating (git-fixes).
* usb: dwc2: gadget: LPM flow fix (git-fixes).
* usb: dwc2: host: Fix ISOC flow in DDMA mode (git-fixes).
* usb: dwc2: host: Fix hibernation flow (git-fixes).
* usb: dwc2: host: Fix remote wakeup from hibernation (git-fixes).
* usb: dwc3: Properly set system wakeup (git-fixes).
* usb: gadget: ncm: Fix handling of zero block length packets (git-fixes).
* usb: gadget: net2272: Use irqflags in the call to net2272_probe_fin (git-
fixes).
* usb: port: Do not try to peer unused USB ports based on location (git-
fixes).
* usb: typec: Return size of buffer if pd_set operation succeeds (git-fixes).
* usb: typec: ucsi: Check for notifications after init (git-fixes).
* usb: typec: ucsi: Clean up UCSI_CABLE_PROP macros (git-fixes).
* usb: typec: ucsi: Clear EVENT_PENDING under PPM lock (git-fixes).
* usb: usb-storage: Prevent divide-by-0 error in isd200_ata_command (git-
fixes).
* usb: xhci: Add error handling in xhci_map_urb_for_dma (git-fixes).
* vboxsf: Avoid an spurious warning if load_nls_xxx() fails (git-fixes).
* vt: fix unicode buffer corruption when deleting characters (git-fixes).
* watchdog: stm32_iwdg: initialize default timeout (git-fixes).
* wifi: ath10k: fix NULL pointer dereference in
ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() (git-fixes).
* wifi: ath11k: decrease MHI channel buffer length to 8KB (bsc#1207948).
* wifi: ath11k: initialize rx_mcs_80 and rx_mcs_160 before use (git-fixes).
* wifi: ath9k: delay all of ath9k_wmi_event_tasklet() until init is complete
(git-fixes).
* wifi: b43: Disable QoS for bcm4331 (git-fixes).
* wifi: b43: Stop correct queue in DMA worker when QoS is disabled (git-
fixes).
* wifi: b43: Stop/wake correct queue in DMA Tx path when QoS is disabled (git-
fixes).
* wifi: b43: Stop/wake correct queue in PIO Tx path when QoS is disabled (git-
fixes).
* wifi: brcmfmac: fix copyright year mentioned in platform_data header (git-
fixes).
* wifi: brcmsmac: avoid function pointer casts (git-fixes).
* wifi: iwlwifi: dbg-tlv: ensure NUL termination (git-fixes).
* wifi: iwlwifi: fix EWRD table validity check (git-fixes).
* wifi: iwlwifi: fw: do not always use FW dump trig (git-fixes).
* wifi: iwlwifi: mvm: do not set replay counters to 0xff (git-fixes).
* wifi: iwlwifi: mvm: report beacon protection failures (git-fixes).
* wifi: iwlwifi: mvm: rfi: fix potential response leaks (git-fixes).
* wifi: iwlwifi: mvm: use FW rate for non-data only on new devices (git-
fixes).
* wifi: libertas: fix some memleaks in lbs_allocate_cmd_buffer() (git-fixes).
* wifi: mwifiex: debugfs: Drop unnecessary error check for
debugfs_create_dir() (git-fixes).
* wifi: rtl8xxxu: add cancel_work_sync() for c2hcmd_work (git-fixes).
* wifi: rtw88: 8821c: Fix false alarm count (git-fixes).
* wifi: wilc1000: fix RCU usage in connect path (git-fixes).
* wifi: wilc1000: fix declarations ordering (stable-fixes).
* wifi: wilc1000: fix multi-vif management when deleting a vif (git-fixes).
* wifi: wilc1000: prevent use-after-free on vif when cleaning up all
interfaces (git-fixes).
* x86/CPU/AMD: Update the Zenbleed microcode revisions (git-fixes).
* x86/bugs: Fix the SRSO mitigation on Zen3/4 (git-fixes).
* x86/fpu: Keep xfd_state in sync with MSR_IA32_XFD (git-fixes).
* xhci: handle isoc Babble and Buffer Overrun events properly (git-fixes).
* xhci: process isoc TD properly when there was a transaction error mid TD
(git-fixes).

## Special Instructions and Notes:

* Please reboot the system after installing this update.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
zypper in -t patch SUSE-2024-1332=1 openSUSE-SLE-15.5-2024-1332=1

* Public Cloud Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP5-2024-1332=1

## Package List:

* openSUSE Leap 15.5 (aarch64 x86_64)
* gfs2-kmp-azure-5.14.21-150500.33.42.1
* kernel-azure-extra-debuginfo-5.14.21-150500.33.42.1
* dlm-kmp-azure-debuginfo-5.14.21-150500.33.42.1
* kernel-azure-optional-5.14.21-150500.33.42.1
* kselftests-kmp-azure-debuginfo-5.14.21-150500.33.42.1
* gfs2-kmp-azure-debuginfo-5.14.21-150500.33.42.1
* ocfs2-kmp-azure-debuginfo-5.14.21-150500.33.42.1
* kernel-azure-debuginfo-5.14.21-150500.33.42.1
* reiserfs-kmp-azure-debuginfo-5.14.21-150500.33.42.1
* kselftests-kmp-azure-5.14.21-150500.33.42.1
* kernel-syms-azure-5.14.21-150500.33.42.1
* reiserfs-kmp-azure-5.14.21-150500.33.42.1
* dlm-kmp-azure-5.14.21-150500.33.42.1
* kernel-azure-devel-debuginfo-5.14.21-150500.33.42.1
* kernel-azure-livepatch-devel-5.14.21-150500.33.42.1
* cluster-md-kmp-azure-debuginfo-5.14.21-150500.33.42.1
* kernel-azure-debugsource-5.14.21-150500.33.42.1
* cluster-md-kmp-azure-5.14.21-150500.33.42.1
* kernel-azure-devel-5.14.21-150500.33.42.1
* kernel-azure-extra-5.14.21-150500.33.42.1
* ocfs2-kmp-azure-5.14.21-150500.33.42.1
* kernel-azure-optional-debuginfo-5.14.21-150500.33.42.1
* openSUSE Leap 15.5 (aarch64 nosrc x86_64)
* kernel-azure-5.14.21-150500.33.42.1
* openSUSE Leap 15.5 (x86_64)
* kernel-azure-vdso-debuginfo-5.14.21-150500.33.42.1
* kernel-azure-vdso-5.14.21-150500.33.42.1
* openSUSE Leap 15.5 (noarch)
* kernel-source-azure-5.14.21-150500.33.42.1
* kernel-devel-azure-5.14.21-150500.33.42.1
* Public Cloud Module 15-SP5 (aarch64 nosrc x86_64)
* kernel-azure-5.14.21-150500.33.42.1
* Public Cloud Module 15-SP5 (aarch64 x86_64)
* kernel-syms-azure-5.14.21-150500.33.42.1
* kernel-azure-debugsource-5.14.21-150500.33.42.1
* kernel-azure-debuginfo-5.14.21-150500.33.42.1
* kernel-azure-devel-5.14.21-150500.33.42.1
* kernel-azure-devel-debuginfo-5.14.21-150500.33.42.1
* Public Cloud Module 15-SP5 (noarch)
* kernel-source-azure-5.14.21-150500.33.42.1
* kernel-devel-azure-5.14.21-150500.33.42.1

## References:

* https://www.suse.com/security/cve/CVE-2021-46925.html
* https://www.suse.com/security/cve/CVE-2021-46926.html
* https://www.suse.com/security/cve/CVE-2021-46927.html
* https://www.suse.com/security/cve/CVE-2021-46929.html
* https://www.suse.com/security/cve/CVE-2021-46930.html
* https://www.suse.com/security/cve/CVE-2021-46931.html
* https://www.suse.com/security/cve/CVE-2021-46933.html
* https://www.suse.com/security/cve/CVE-2021-46936.html
* https://www.suse.com/security/cve/CVE-2021-47082.html
* https://www.suse.com/security/cve/CVE-2021-47087.html
* https://www.suse.com/security/cve/CVE-2021-47091.html
* https://www.suse.com/security/cve/CVE-2021-47093.html
* https://www.suse.com/security/cve/CVE-2021-47094.html
* https://www.suse.com/security/cve/CVE-2021-47095.html
* https://www.suse.com/security/cve/CVE-2021-47096.html
* https://www.suse.com/security/cve/CVE-2021-47097.html
* https://www.suse.com/security/cve/CVE-2021-47098.html
* https://www.suse.com/security/cve/CVE-2021-47099.html
* https://www.suse.com/security/cve/CVE-2021-47100.html
* https://www.suse.com/security/cve/CVE-2021-47101.html
* https://www.suse.com/security/cve/CVE-2021-47102.html
* https://www.suse.com/security/cve/CVE-2021-47104.html
* https://www.suse.com/security/cve/CVE-2021-47105.html
* https://www.suse.com/security/cve/CVE-2021-47107.html
* https://www.suse.com/security/cve/CVE-2021-47108.html
* https://www.suse.com/security/cve/CVE-2022-4744.html
* https://www.suse.com/security/cve/CVE-2022-48626.html
* https://www.suse.com/security/cve/CVE-2022-48629.html
* https://www.suse.com/security/cve/CVE-2022-48630.html
* https://www.suse.com/security/cve/CVE-2023-0160.html
* https://www.suse.com/security/cve/CVE-2023-28746.html
* https://www.suse.com/security/cve/CVE-2023-35827.html
* https://www.suse.com/security/cve/CVE-2023-4881.html
* https://www.suse.com/security/cve/CVE-2023-52447.html
* https://www.suse.com/security/cve/CVE-2023-52450.html
* https://www.suse.com/security/cve/CVE-2023-52453.html
* https://www.suse.com/security/cve/CVE-2023-52454.html
* https://www.suse.com/security/cve/CVE-2023-52469.html
* https://www.suse.com/security/cve/CVE-2023-52470.html
* https://www.suse.com/security/cve/CVE-2023-52474.html
* https://www.suse.com/security/cve/CVE-2023-52476.html
* https://www.suse.com/security/cve/CVE-2023-52477.html
* https://www.suse.com/security/cve/CVE-2023-52481.html
* https://www.suse.com/security/cve/CVE-2023-52484.html
* https://www.suse.com/security/cve/CVE-2023-52486.html
* https://www.suse.com/security/cve/CVE-2023-52492.html
* https://www.suse.com/security/cve/CVE-2023-52493.html
* https://www.suse.com/security/cve/CVE-2023-52494.html
* https://www.suse.com/security/cve/CVE-2023-52497.html
* https://www.suse.com/security/cve/CVE-2023-52500.html
* https://www.suse.com/security/cve/CVE-2023-52501.html
* https://www.suse.com/security/cve/CVE-2023-52502.html
* https://www.suse.com/security/cve/CVE-2023-52504.html
* https://www.suse.com/security/cve/CVE-2023-52507.html
* https://www.suse.com/security/cve/CVE-2023-52508.html
* https://www.suse.com/security/cve/CVE-2023-52509.html
* https://www.suse.com/security/cve/CVE-2023-52510.html
* https://www.suse.com/security/cve/CVE-2023-52511.html
* https://www.suse.com/security/cve/CVE-2023-52513.html
* https://www.suse.com/security/cve/CVE-2023-52515.html
* https://www.suse.com/security/cve/CVE-2023-52517.html
* https://www.suse.com/security/cve/CVE-2023-52518.html
* https://www.suse.com/security/cve/CVE-2023-52519.html
* https://www.suse.com/security/cve/CVE-2023-52520.html
* https://www.suse.com/security/cve/CVE-2023-52523.html
* https://www.suse.com/security/cve/CVE-2023-52524.html
* https://www.suse.com/security/cve/CVE-2023-52525.html
* https://www.suse.com/security/cve/CVE-2023-52528.html
* https://www.suse.com/security/cve/CVE-2023-52529.html
* https://www.suse.com/security/cve/CVE-2023-52532.html
* https://www.suse.com/security/cve/CVE-2023-52563.html
* https://www.suse.com/security/cve/CVE-2023-52564.html
* https://www.suse.com/security/cve/CVE-2023-52566.html
* https://www.suse.com/security/cve/CVE-2023-52567.html
* https://www.suse.com/security/cve/CVE-2023-52569.html
* https://www.suse.com/security/cve/CVE-2023-52574.html
* https://www.suse.com/security/cve/CVE-2023-52575.html
* https://www.suse.com/security/cve/CVE-2023-52576.html
* https://www.suse.com/security/cve/CVE-2023-52582.html
* https://www.suse.com/security/cve/CVE-2023-52583.html
* https://www.suse.com/security/cve/CVE-2023-52587.html
* https://www.suse.com/security/cve/CVE-2023-52591.html
* https://www.suse.com/security/cve/CVE-2023-52594.html
* https://www.suse.com/security/cve/CVE-2023-52595.html
* https://www.suse.com/security/cve/CVE-2023-52597.html
* https://www.suse.com/security/cve/CVE-2023-52598.html
* https://www.suse.com/security/cve/CVE-2023-52599.html
* https://www.suse.com/security/cve/CVE-2023-52600.html
* https://www.suse.com/security/cve/CVE-2023-52601.html
* https://www.suse.com/security/cve/CVE-2023-52602.html
* https://www.suse.com/security/cve/CVE-2023-52603.html
* https://www.suse.com/security/cve/CVE-2023-52604.html
* https://www.suse.com/security/cve/CVE-2023-52605.html
* https://www.suse.com/security/cve/CVE-2023-52606.html
* https://www.suse.com/security/cve/CVE-2023-52607.html
* https://www.suse.com/security/cve/CVE-2023-52608.html
* https://www.suse.com/security/cve/CVE-2023-52612.html
* https://www.suse.com/security/cve/CVE-2023-52615.html
* https://www.suse.com/security/cve/CVE-2023-52617.html
* https://www.suse.com/security/cve/CVE-2023-52619.html
* https://www.suse.com/security/cve/CVE-2023-52621.html
* https://www.suse.com/security/cve/CVE-2023-52623.html
* https://www.suse.com/security/cve/CVE-2023-52628.html
* https://www.suse.com/security/cve/CVE-2023-52632.html
* https://www.suse.com/security/cve/CVE-2023-52637.html
* https://www.suse.com/security/cve/CVE-2023-52639.html
* https://www.suse.com/security/cve/CVE-2023-6356.html
* https://www.suse.com/security/cve/CVE-2023-6535.html
* https://www.suse.com/security/cve/CVE-2023-6536.html
* https://www.suse.com/security/cve/CVE-2023-7042.html
* https://www.suse.com/security/cve/CVE-2023-7192.html
* https://www.suse.com/security/cve/CVE-2024-0841.html
* https://www.suse.com/security/cve/CVE-2024-2201.html
* https://www.suse.com/security/cve/CVE-2024-22099.html
* https://www.suse.com/security/cve/CVE-2024-23307.html
* https://www.suse.com/security/cve/CVE-2024-25739.html
* https://www.suse.com/security/cve/CVE-2024-26599.html
* https://www.suse.com/security/cve/CVE-2024-26600.html
* https://www.suse.com/security/cve/CVE-2024-26602.html
* https://www.suse.com/security/cve/CVE-2024-26612.html
* https://www.suse.com/security/cve/CVE-2024-26614.html
* https://www.suse.com/security/cve/CVE-2024-26620.html
* https://www.suse.com/security/cve/CVE-2024-26627.html
* https://www.suse.com/security/cve/CVE-2024-26629.html
* https://www.suse.com/security/cve/CVE-2024-26642.html
* https://www.suse.com/security/cve/CVE-2024-26645.html
* https://www.suse.com/security/cve/CVE-2024-26646.html
* https://www.suse.com/security/cve/CVE-2024-26651.html
* https://www.suse.com/security/cve/CVE-2024-26654.html
* https://www.suse.com/security/cve/CVE-2024-26659.html
* https://www.suse.com/security/cve/CVE-2024-26664.html
* https://www.suse.com/security/cve/CVE-2024-26667.html
* https://www.suse.com/security/cve/CVE-2024-26670.html
* https://www.suse.com/security/cve/CVE-2024-26695.html
* https://www.suse.com/security/cve/CVE-2024-26717.html
* https://bugzilla.suse.com/show_bug.cgi?id=1194869
* https://bugzilla.suse.com/show_bug.cgi?id=1200465
* https://bugzilla.suse.com/show_bug.cgi?id=1205316
* https://bugzilla.suse.com/show_bug.cgi?id=1207948
* https://bugzilla.suse.com/show_bug.cgi?id=1209635
* https://bugzilla.suse.com/show_bug.cgi?id=1209657
* https://bugzilla.suse.com/show_bug.cgi?id=1212514
* https://bugzilla.suse.com/show_bug.cgi?id=1213456
* https://bugzilla.suse.com/show_bug.cgi?id=1214852
* https://bugzilla.suse.com/show_bug.cgi?id=1215221
* https://bugzilla.suse.com/show_bug.cgi?id=1215322
* https://bugzilla.suse.com/show_bug.cgi?id=1217339
* https://bugzilla.suse.com/show_bug.cgi?id=1217959
* https://bugzilla.suse.com/show_bug.cgi?id=1217987
* https://bugzilla.suse.com/show_bug.cgi?id=1217988
* https://bugzilla.suse.com/show_bug.cgi?id=1217989
* https://bugzilla.suse.com/show_bug.cgi?id=1218321
* https://bugzilla.suse.com/show_bug.cgi?id=1218336
* https://bugzilla.suse.com/show_bug.cgi?id=1218479
* https://bugzilla.suse.com/show_bug.cgi?id=1218643
* https://bugzilla.suse.com/show_bug.cgi?id=1218777
* https://bugzilla.suse.com/show_bug.cgi?id=1219169
* https://bugzilla.suse.com/show_bug.cgi?id=1219170
* https://bugzilla.suse.com/show_bug.cgi?id=1219264
* https://bugzilla.suse.com/show_bug.cgi?id=1219834
* https://bugzilla.suse.com/show_bug.cgi?id=1220114
* https://bugzilla.suse.com/show_bug.cgi?id=1220176
* https://bugzilla.suse.com/show_bug.cgi?id=1220237
* https://bugzilla.suse.com/show_bug.cgi?id=1220251
* https://bugzilla.suse.com/show_bug.cgi?id=1220320
* https://bugzilla.suse.com/show_bug.cgi?id=1220337
* https://bugzilla.suse.com/show_bug.cgi?id=1220340
* https://bugzilla.suse.com/show_bug.cgi?id=1220365
* https://bugzilla.suse.com/show_bug.cgi?id=1220366
* https://bugzilla.suse.com/show_bug.cgi?id=1220398
* https://bugzilla.suse.com/show_bug.cgi?id=1220411
* https://bugzilla.suse.com/show_bug.cgi?id=1220413
* https://bugzilla.suse.com/show_bug.cgi?id=1220439
* https://bugzilla.suse.com/show_bug.cgi?id=1220443
* https://bugzilla.suse.com/show_bug.cgi?id=1220445
* https://bugzilla.suse.com/show_bug.cgi?id=1220466
* https://bugzilla.suse.com/show_bug.cgi?id=1220478
* https://bugzilla.suse.com/show_bug.cgi?id=1220482
* https://bugzilla.suse.com/show_bug.cgi?id=1220484
* https://bugzilla.suse.com/show_bug.cgi?id=1220486
* https://bugzilla.suse.com/show_bug.cgi?id=1220487
* https://bugzilla.suse.com/show_bug.cgi?id=1220492
* https://bugzilla.suse.com/show_bug.cgi?id=1220703
* https://bugzilla.suse.com/show_bug.cgi?id=1220775
* https://bugzilla.suse.com/show_bug.cgi?id=1220790
* https://bugzilla.suse.com/show_bug.cgi?id=1220797
* https://bugzilla.suse.com/show_bug.cgi?id=1220831
* https://bugzilla.suse.com/show_bug.cgi?id=1220833
* https://bugzilla.suse.com/show_bug.cgi?id=1220836
* https://bugzilla.suse.com/show_bug.cgi?id=1220839
* https://bugzilla.suse.com/show_bug.cgi?id=1220840
* https://bugzilla.suse.com/show_bug.cgi?id=1220843
* https://bugzilla.suse.com/show_bug.cgi?id=1220870
* https://bugzilla.suse.com/show_bug.cgi?id=1220871
* https://bugzilla.suse.com/show_bug.cgi?id=1220872
* https://bugzilla.suse.com/show_bug.cgi?id=1220878
* https://bugzilla.suse.com/show_bug.cgi?id=1220879
* https://bugzilla.suse.com/show_bug.cgi?id=1220883
* https://bugzilla.suse.com/show_bug.cgi?id=1220885
* https://bugzilla.suse.com/show_bug.cgi?id=1220887
* https://bugzilla.suse.com/show_bug.cgi?id=1220898
* https://bugzilla.suse.com/show_bug.cgi?id=1220918
* https://bugzilla.suse.com/show_bug.cgi?id=1220920
* https://bugzilla.suse.com/show_bug.cgi?id=1220921
* https://bugzilla.suse.com/show_bug.cgi?id=1220926
* https://bugzilla.suse.com/show_bug.cgi?id=1220927
* https://bugzilla.suse.com/show_bug.cgi?id=1220929
* https://bugzilla.suse.com/show_bug.cgi?id=1220932
* https://bugzilla.suse.com/show_bug.cgi?id=1220937
* https://bugzilla.suse.com/show_bug.cgi?id=1220938
* https://bugzilla.suse.com/show_bug.cgi?id=1220940
* https://bugzilla.suse.com/show_bug.cgi?id=1220954
* https://bugzilla.suse.com/show_bug.cgi?id=1220955
* https://bugzilla.suse.com/show_bug.cgi?id=1220959
* https://bugzilla.suse.com/show_bug.cgi?id=1220960
* https://bugzilla.suse.com/show_bug.cgi?id=1220961
* https://bugzilla.suse.com/show_bug.cgi?id=1220965
* https://bugzilla.suse.com/show_bug.cgi?id=1220969
* https://bugzilla.suse.com/show_bug.cgi?id=1220978
* https://bugzilla.suse.com/show_bug.cgi?id=1220979
* https://bugzilla.suse.com/show_bug.cgi?id=1220981
* https://bugzilla.suse.com/show_bug.cgi?id=1220982
* https://bugzilla.suse.com/show_bug.cgi?id=1220983
* https://bugzilla.suse.com/show_bug.cgi?id=1220985
* https://bugzilla.suse.com/show_bug.cgi?id=1220986
* https://bugzilla.suse.com/show_bug.cgi?id=1220987
* https://bugzilla.suse.com/show_bug.cgi?id=1220989
* https://bugzilla.suse.com/show_bug.cgi?id=1220990
* https://bugzilla.suse.com/show_bug.cgi?id=1221009
* https://bugzilla.suse.com/show_bug.cgi?id=1221012
* https://bugzilla.suse.com/show_bug.cgi?id=1221015
* https://bugzilla.suse.com/show_bug.cgi?id=1221022
* https://bugzilla.suse.com/show_bug.cgi?id=1221039
* https://bugzilla.suse.com/show_bug.cgi?id=1221040
* https://bugzilla.suse.com/show_bug.cgi?id=1221044
* https://bugzilla.suse.com/show_bug.cgi?id=1221045
* https://bugzilla.suse.com/show_bug.cgi?id=1221046
* https://bugzilla.suse.com/show_bug.cgi?id=1221048
* https://bugzilla.suse.com/show_bug.cgi?id=1221055
* https://bugzilla.suse.com/show_bug.cgi?id=1221056
* https://bugzilla.suse.com/show_bug.cgi?id=1221058
* https://bugzilla.suse.com/show_bug.cgi?id=1221060
* https://bugzilla.suse.com/show_bug.cgi?id=1221061
* https://bugzilla.suse.com/show_bug.cgi?id=1221062
* https://bugzilla.suse.com/show_bug.cgi?id=1221066
* https://bugzilla.suse.com/show_bug.cgi?id=1221067
* https://bugzilla.suse.com/show_bug.cgi?id=1221068
* https://bugzilla.suse.com/show_bug.cgi?id=1221069
* https://bugzilla.suse.com/show_bug.cgi?id=1221070
* https://bugzilla.suse.com/show_bug.cgi?id=1221071
* https://bugzilla.suse.com/show_bug.cgi?id=1221077
* https://bugzilla.suse.com/show_bug.cgi?id=1221082
* https://bugzilla.suse.com/show_bug.cgi?id=1221090
* https://bugzilla.suse.com/show_bug.cgi?id=1221097
* https://bugzilla.suse.com/show_bug.cgi?id=1221156
* https://bugzilla.suse.com/show_bug.cgi?id=1221252
* https://bugzilla.suse.com/show_bug.cgi?id=1221273
* https://bugzilla.suse.com/show_bug.cgi?id=1221274
* https://bugzilla.suse.com/show_bug.cgi?id=1221276
* https://bugzilla.suse.com/show_bug.cgi?id=1221277
* https://bugzilla.suse.com/show_bug.cgi?id=1221291
* https://bugzilla.suse.com/show_bug.cgi?id=1221293
* https://bugzilla.suse.com/show_bug.cgi?id=1221298
* https://bugzilla.suse.com/show_bug.cgi?id=1221337
* https://bugzilla.suse.com/show_bug.cgi?id=1221338
* https://bugzilla.suse.com/show_bug.cgi?id=1221375
* https://bugzilla.suse.com/show_bug.cgi?id=1221379
* https://bugzilla.suse.com/show_bug.cgi?id=1221551
* https://bugzilla.suse.com/show_bug.cgi?id=1221553
* https://bugzilla.suse.com/show_bug.cgi?id=1221613
* https://bugzilla.suse.com/show_bug.cgi?id=1221614
* https://bugzilla.suse.com/show_bug.cgi?id=1221616
* https://bugzilla.suse.com/show_bug.cgi?id=1221618
* https://bugzilla.suse.com/show_bug.cgi?id=1221631
* https://bugzilla.suse.com/show_bug.cgi?id=1221633
* https://bugzilla.suse.com/show_bug.cgi?id=1221713
* https://bugzilla.suse.com/show_bug.cgi?id=1221777
* https://bugzilla.suse.com/show_bug.cgi?id=1221814
* https://bugzilla.suse.com/show_bug.cgi?id=1221816
* https://bugzilla.suse.com/show_bug.cgi?id=1221830
* https://bugzilla.suse.com/show_bug.cgi?id=1221951
* https://bugzilla.suse.com/show_bug.cgi?id=1222033
* https://bugzilla.suse.com/show_bug.cgi?id=1222056
* https://bugzilla.suse.com/show_bug.cgi?id=1222060
* https://bugzilla.suse.com/show_bug.cgi?id=1222070
* https://bugzilla.suse.com/show_bug.cgi?id=1222073
* https://bugzilla.suse.com/show_bug.cgi?id=1222117
* https://bugzilla.suse.com/show_bug.cgi?id=1222274
* https://bugzilla.suse.com/show_bug.cgi?id=1222291
* https://bugzilla.suse.com/show_bug.cgi?id=1222300
* https://bugzilla.suse.com/show_bug.cgi?id=1222304
* https://bugzilla.suse.com/show_bug.cgi?id=1222317
* https://bugzilla.suse.com/show_bug.cgi?id=1222331
* https://bugzilla.suse.com/show_bug.cgi?id=1222355
* https://bugzilla.suse.com/show_bug.cgi?id=1222356
* https://bugzilla.suse.com/show_bug.cgi?id=1222360
* https://bugzilla.suse.com/show_bug.cgi?id=1222366
* https://bugzilla.suse.com/show_bug.cgi?id=1222373
* https://bugzilla.suse.com/show_bug.cgi?id=1222619
* https://jira.suse.com/browse/PED-5759
* https://jira.suse.com/browse/PED-7167
* https://jira.suse.com/browse/PED-7619